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Route Aggregation 


1-1: aggregate-address address mask 
Syntax Description: 


® address—Aggregate IP address. 
© mask—Aggregate mask. 


Purpose: To create an aggregate entry in the BGP table. An aggregate is created only if a 
more-specific route of the aggregate exists in the BGP table. This form of the aggregate- 

address command advertises the aggregate and all the more-specific routes that are part of 
the aggregate. 


Cisco IOS Software Release: 10.0 


Configuration Example 1: Aggregating Local Routes 


For this example, we will aggregate locally sourced routes. In Figure 1-1, Router B 
aggregates the four networks 172.16.0.x through 172.16.3.x. 


Figure 1-1 Aggregating Locally Sourced Routes 
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Router A 

router bgp 1 

neighbor 10.1.1.2 remote-as 2 

Router B 

interface loopback @ 

ip address 172.16.0.1 255.255.255.0 


interface loopback 1 
ip address 172.16.1.1 255.255.255.080 
! 


interface loopback 2 


ip address 172.16.2.1 255.255.255.0 
! 
interface loopback 3 


ip address 172.16.3.1 255.255.255.080 
! 


router bgp 2 

network 172.16.0.0 mask 255.255.255.0 
network 172.16.1.0 mask 255.255.255.0 
network 172.16.2.0 mask 255.255.255.0 
network 172.16.3.0 mask 255.255.255.0 


neighbor 10.1.1.1 remote-as 1 
! 


Four loopbacks have been created on Router B to simulate the locally sourced routes that 
will be aggregated. A BGP router can advertise an aggregate only if at least one specific 
route of the aggregate is in the BGP table. The BGP network commands are necessary on 

Router B in order to place more-specific routes of the aggregate into the BGP table. Before — 
aggregating the loopback prefixes, verify that the specific routes are in the BGP tables on — 
Routers A and B: . 


Ss 


rtrA#show ip bgp 

BGP table version is 16, local router ID is 172.17.1.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 

Origin codes: i - IGP, e - EGP, ? - incomplete w) \ 
he r 

Network Metric LocPrf Weight PAth 

172.16.0.0/24 my fp ie Q j 

172.16.1.0/24 Q i 

172.16.2.0/24 5 PSE ts) 

2.16.3.0/24 @ 


~ 
a) 


BGP table version is 6, local router ID is 172.16.3.1 
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network ext H Metric LocPrf Weight Path 
172.16.0.0/24 0.0. @ 32768 i 
172.16.1.0/24 0.0. 1) 32768 i 
172.16.2.0/24 -0.0. Q 32768 i 
172.16.3.0/24 .0.0. ® 32768 i 
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Now modify the BGP configuration on Router B to enable the advertisement of the 
aggregate: 


Router B 
router bgp 2 
network 172.1 
network 172.1 


6.0.0 mask 255.255.255.0 
6.1.0 mask 255.255.255.0 
network 172.16.2.0 mask 255.255.255.0 
network 172.16.3.0 mask 255.255.255.0 


neighbor 10.1.1.1 remote-as 1 


The configuration for Router B contains a network command for every prefix that is part 
of the aggregate. Because we need only one more-specific route in the BGP table in order 
to generate the prefix, we could have used only one network command. The problem with 
using only one network command is that if the network goes down, the more-specific route 
is withdrawn from the BGP table. If the only specific route in the BGP table is withdrawn, 
the aggregate is withdrawn as well. By using a network command for every prefix that is 
contained in the aggregate, the aggregate is advertised as long as one of the more-specific 
routes is up. 


Verification 
Verify that the aggregate address is in both the Router A and B BGP tables: 


rtrA#show ip bgp 

BGP table version is 18, local router ID is 172.17.1.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
172.16.0.0/24 


172.16.1.0/24 
172.16.2.0/24 


p 
BGP table version is 8, local router ID is 172.16.3.1 
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
172.16.0.0/24 @ 32768 i 


172.16.1.0/24 .0.0. 32768 i 
172.16.2.0/24 -0.0. 32768 i 
172.16.3.0/24 -0.0. 32768 i 
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Examine the specific information for the aggregate on Router A: 


rtrA#show ip bgp 172.16.0.0 255.255.252.0 
BGP routing table entry for 172.16.0.0/22, version 18 
Paths: (1 available, best #1, table Default-IP-Routing-Table) 
Not advertised to any peer 
2, (aggregated by 2 172.16.3.1) 
10.1.1.2 from 10.1.1.2 (172.16.3.1) 


(Nocera ree HA bo OMICRBRNERAIEPTsinicaes thar the AS 
information for the aggregate has been lost. This does not pose any problems in this 


example, because the routes that comprise the aggregate and the aggregate itself originate 
on the same router. The next example more clearly illustrates the atomic aggregate 
attribute. Also notice that the aggregate for this example contains only the four prefixes 
172.16.0.0/24 through 172.16.3.0/24. We could have used an aggregate with a shorter 
mask. For example, we could use a 16-bit mask when forming the aggregate on Router B, 
as shown in the following configuration. This is not recommended, though, because you are 
aggregating routes that might not belong to you. 


Router B 

router bgp 2 

network 172.16.0.@ mask 255.255.255.0 
network 172.16.1.@ mask 255.255.255.0 


network 172.16.2.@ mask 255.255.255.090 
network 172.16.3.@ mask 255.255.255.0 


neighbor 10.1.1.1 remote-as 1 


Verify that the aggregate is being advertised: 


rtrBéshow ip bgp 

BGP table version is 20, local router ID is 172.17.1.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
172.16.0.0/24 10.1. 


172.16.1.0/24 
172.16.2.0/24 
172.16.3.0/24 


Finally, examine the IP routing table on Router B: 


rtrB#show ip route 
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP 
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 
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(Continued) 
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP 
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default 
U - per-user static route, o - ODR 


Gateway of last resort is not set 
1.0.0.0/32 is subnetted, 1 subnets 


1.1.1.1 is directly connected, Loopback® 
172.16.0.0/16 is variably subnetted, 5 subnets, 2 masks 


172.16.0.0/24 is directly connected, Loopback1 
172.16.1.0/24 is directly connected, Loopback2 


172.16.2.0/24 is directly connected, Loopback3 

172.16.3.0/24 is directly connected, Loopback4 
10.0.0.0/30 is subnetted, 1 subnets 

10.1.1.@ is directly connected, Serial®d 


igure 1-2 illustrates the purpose of the route to Null 0. 


Figure 1-2 = Route to Null 0 Is Needed to Prevent Routing Loops 
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uter B withdraws this route 
from the BGP table but still advertises the aggregate. Assume that Router B has a default 
route pointing to Router A and that there is no BGP route for 172.16.0.0/22 to Null 0 on 


Router B receives the packet, it inspects the IP routing table to determine how to route the 
packet. Because 172.16.2.0/24 is down, there is no route in the routing table. Router B 
sends the packet to the default route, which is toward Router A. When Router A receives 
the packet, it is sent back to B, and B sends it back to A. This process continues until the 
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ST 


TTL in the IP packet goes to 0. With the Null 0 route for 172.16.0.0/22 on Router B, the 
packet is simply dropped if network 172.16.2.0/24 is down. 


Configuration Example 2: Aggregating Redistributed Routes 


Instead of using the network command to place the more-specific routes in the BGP table, 
we could simply redistribute the connected routes and then aggregate them, as in Example ~ 
1. Modify the BGP configuration on Router B using redistribution instead of the network — 
command. The no auto-summary command is needed to prevent the router from 
generating a classful summary of the 172.16.0.0/16 network (see Chapter 2, “Auto- 
Summary,” for more information): 


Router B 
router bgp 2 
aggregate-address 172.16.0.@ 255.255.252.0 


neighbor 10.1.1.1 remote-as 1 


Verification 4 
Inspect the BGP tables on Routers A and B to verify that the summary is being advertised: — 


rtrA#show ip bgp 

BGP table version is 18, local router ID is 172.16.3.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
10.1.1.0/30 athe stk. 7 


172.16.0.0/24 


172.16.1.0/24 
172.16.2.0/24 
172.16.3.0/24 


Configuration Example 3: Aggregating BGP Learned Routes 


In Figure 1-3, Router A is learning the prefixes 172.16.0.0/24 through 172.16.3.0/24 from — 
Router B. Because these routes are now in the BGP table on Router A, Router A can 
aggregate them into the 172.16.0.0/22 prefix. 


1-1: aggregate-address address mask 9 


Figure 1-3 Aggregating BGP Learned Routes 
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Router A 
router bgp 1 


- neighbor 10.1.1.2 remote-as 2 
neighbor 172.17.1.2 remote-as 65530 
interface loopback @ 
ip address 172.16.0.1 255.255.255.0 
! 
interface loopback 1 
ip address 172.16.1.1 255.255.255.0 
! 
interface loopback 2 
ip address 172.16.2.1 255.255.255.0 
! 


interface loopback 3 

ip address 172.16.3.1 255.255.255.0 
! 

router bgp 2 

network 172.16.@.@ mask 255.255.255.0 
network 172.16.1.0 mask 255.255.255.0 
network 172.16.2.0 mask 255.255.255.0 
network 172.16.3.@ mask 255.255.255.0 
neighbor 10.1.1.1 remote-as 1 


router bgp 65530 
neighbor 172.17.1.1 remote-as 1 
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Verification 
The BGP tables on Routers A and C should now contain the aggregate address: 


rtrA#show ip bgp 

BGP table version is 6, local router ID is 172.17.1.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
*> 172.16.0.0/24 


*> 172.16.1.0/24 i SR 
172.16.2.0/24 1.7162 
1.712 


172.16.3.0/24 
rtrC#show ip bgp 
BGP table version is 32, local router ID is 172.17.1.2 
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
*> 172.16.0.0/24 W720aT ote 


*> 172.16.1.0/24 Vastret: 
172.16.2.0/24 tests ods 
172.16.3.0/24 Ai DE As 


Notice that in the BGP table on Router C, the path information for the specific routes is 
different from the path for the aggregate route. Router A is forming the aggregate, so it 
looks as though Router A “owns” this route. If you check the specific route information for 
the aggregate on Router C in the following output, you can see that the route carries the 
atomic attribute, signifying that there has been a loss of AS path information: 


rtrC#show ip bgp 172.16.6.@ 255.255.252.0 
BGP routing table entry for 172.16.0.0/22, version 28 , 
Paths: (1 available, best #1) 

Not advertised to any peer 

1, (aggregated by 1 172.17.1.1) 
172.17.4.1. From, 172. 17.'1..1 417251720.) 


If you need to retain the AS path information for the aggregate, see section 1-3. : 


1-1: aggregate-address address mask 11 


Configuration Example 4: Aggregating Using a Static Route 


For the scenario in Figure 1-1, an aggregate could have been generated by creating a static 
route on Router B and then redistributing the static route into BGP: 


Router B 
router bgp 2 


neighbor 10.1.1.1 remote-as 1 
no auto-summary 
! 


Verification 


Verify that the aggregate is being generated and advertised by checking the BGP tables on 
Routers A and B. 


rtrA#show ip bgp 

BGP table version is 18, local router ID is 172.17.1.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
172.16.0.0/24 


172.16.1.0/24 
172.16.2.0/24 
1 


5 p ' 
BGP table version is 6, local router ID is 172.16.3.1 
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
172.16.0.0/24 v1) 32768 i 


172.16.1.0/24 .0.0. 32768 i 
172.16.2.0/24 -0.0. 32768 i 
172.16.3.0/24 -@.0. 32768 i 


Troubleshooting 
Step 1 Verify that the BGP neighbors are in the Established state using the show 
ip bgp neighbors command. 
If the neighbor relationship is not in the Established state, see section 8-23. 


Step 2 Ensure that at least one specific route in the BGP table is contained in the 
range of addresses that you want to aggregate using the show ip bgp 
command. 
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Step 3 
Step 4 


Step 5 


If at least one more-specific route is in the BGP table, go to Step 5. 


If at least one more-specific route is not in the BGP table, do the 
following: 


ye no auto-summary command. 


Go to Step 2. 


MN 


the syntax of your redistribution command(s). 


Verify that no filters are blocking the aggregate from being advertised. 


1-2: aggregate-address address mask as-set 


Syntax Description: 


© address—Aggregate IP address. 


© mask—Aggregate mask. 


Purpose: To create an aggregate entry in the BGP table. An aggregate is created only if a 
more-specific route of the aggregate exists in the BGP table. Without the as-set option, the 
AS path information for the specific routes forming the aggregate is lost. This form of the 
aggregate-address command advertises the aggregate while retaining the AS path 
information for the more-specific routes. 


Cisco IOS Software Release: 10.0 


Configuration Example: Forming an Aggregate Consisting of 
Prefixes from Different Autonomous Systems 


In Figure 1-4, Router A is learning about networks 172.16.0,0/24 and 172.16.1.0/24 from 
AS 65530 and networks 172.16.2.0/24 and 172.16.3.0/24 from AS 2. 


1-2: aggregate-address address mask as-set 13 


Figure 1-4 Aggregate Consists of Routes Originated in Multiple Autonomous Systems 


172.16.0.0/24 AS 65530 172.16.2.0/24 AS 2 
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172.16.1,0/24 : a . -z : = 172.16.3.0/24 


172.17.1.2/24 
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Router A 
router bgp 1 

neighbor 10.1.1.2 remote-as 2 
neighbor 172.17.1.2 remote-as 65530 


interface loopback @ 
ip address 172.16.2.1 255.255.255.0 
! 

interface loopback 1 

ip address 172.16.3.1 255.255.255.0 
! 

router bgp 2 

network 172.16.2.0 mask 255.255.255.0 
network 172.16.3.0 mask 255.255.255.0 
neighbor 10.1.1.1 remote-as 1 
Router 
interface loopback @ 

ip address 172.16.0.1 255.255.255.0 
! 

interface loopback 1 

ip address 172.16.1.1 255.255.255.@ 
! 

router bgp 65530 
network 172.16.0.@ mask 255.255.255.0 
network 172.16.1.0 mask 255.255.255.0 
neighbor 172.17.1.1 remote-as 1 
! 


Four loopbacks have been created—two on Router B and two on Router C. A BGP router 
can advertise an aggregate only if at least one specific route of the aggregate is in the BGP 
table. The BGP network commands are necessary on Routers B and C in order to place 
more-specific routes of the aggregate into the BGP table. Before aggregating the loopback 
prefixes, verify that the specific routes are in the BGP tables on Routers A, B, and C: 
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rtrA#show ip bgp 
BGP table version is 35, local router ID is 144.223.1.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
*> 172.16.0.0/24 172,147.43 <2 Q @ 65530 i 
*> 172.16.1.0/24 Wie: t 2 Q @ 65530 i 
*> 172.16.2.0/24 10.4.7.2 i) @2i 
.3.0/24 We lsstve ) @2i 


ip bgp 
BGP table version is 13, local router ID is 172.16.3.1 


Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 

*> 172.16.0.0/24 10.1.1.1 @ 1 65530 i 
*> 172.16.1.0/24 10.1.1.1 @ 1 65530 i 
*> 172.16.2.0/24 -0.0 i) 32768 i 
2.16.3.0/24 ®@.0 32768 I 


BGP table version is 35, local router ID is 172.17.1.2 
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
*> 172.16.0.0/24 @.0.0.0 vi) 32768 i 
*> 172.16.1.0/24 @.0.0.0 Q 32768 i 


*> 172.16.2.0/24 Wigetlsiat 
172.16.3.0/24 Wi2ali ober 


Now modify the BGP configuration on Router A to enable the advertisement of the 
aggregate: 


Router A 

router bgp 1 
neighbor 10.1.1.2 remote-as 2 
neighbor 172.17.1.2 remote-as 65530 


The aggregate contains two routes from AS 65530 and two routes from AS 2. Router A 
should now be advertising the aggregate with itself as the next hop, indicating a loss of AS 
path information. The AS path information for the aggregate indicates that this prefix 
originates from AS 1. Routers B and C accept this route because their AS number does not 
appear in the AS_PATH attribute: 


rtrA#show ip bgp 
BGP table version is 6, local router ID is 144.223.1.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


1-2: aggregate-address address mask as-set 15 
AAS SES EN RNS RE VS Se SACRA | ORR Sie) SARI A — «9h lll RRs ei Sl 


(Continued) 


Network Next Hop Metric LocPrf Weight Path 
*> 172.16.0.0/24 AeeAt tc @ 65530 i 


*> 172.16.1.0/24 
*> 172.16.2.0/24 
*> 172.16.3.0/24 


rtrA#show ip bgp 172.16.0.0 255.255.252.0 
BGP routing table entry for 172.16.0.0/22, version 6 
Paths: (1 available, best #1, table Default -IP-Routing-Table) 
Advertised to non peer-group peers: 
O12. AFS47-4:.2 
Local, (aggregated by 1 144.223.1.1) 
@.0.0.0 from 0.0.0.0 (144.223.1.1) 


- p 
BGP table version is 8, local router ID is 172.16.3.1 
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
*> 172.16.0.0/24 ®@ 1 65530 i 


*> 172.16.1.0/24 at: ®@ 1 65530 i 

*> 172.16.2.0/24 0.0. 32768 i 

*> 172.16.3.0/24 -0.0. 32768 I 

rtrC#show ip bgp 

BGP table version is 8, local router ID is 172.16.1.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
*> 172.16.0.0/24 0.0.0.0 


172.16.1.0/24 
172.16.2.0/24 
172.16.3.0/24 
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Verification 


Verify that the aggregate address is in the BGP table on Router A and that the AS path 
information has been retained: 


rtrA#show ip bgp 

BGP table version is 10, local router ID is 144.223.1.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
172.16.0.0/24 T72.1754.2 @ 65530 i 


172.16.1.0/24 
172.16.2.0/24 
172.16.3.0/24 


rtrA#show ip bgp 172.16.0.0/22 

BGP routing table entry for 172.16.0.0/22, version 10 

Paths: (1 available, best #1, table Default -IP-Routing-Table) 
Advertised to non peer-group peers: 

10.1.1.2 172.17.1.2 


@.0.0.0 from 0.0.0.0 (144.223.1.1) 
Origin IGP, localpref 100, weight 32768, valid, aggregated, local, atomic- 
aggregate, best 


rtrBéshow ip bgp 

BGP table version is 9, local router ID is 172.16.3.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
*> 172.16.0.0/24 @ 1 65530 i 
*> 172.16.1.0/24 sta Vie @ 1 65530 i 
*> 172.16.2.0/24 -0.0. 32768 i 


*> 172.16.3.0/24 0.2. ‘4 . 32768 1 

rtrC#show ip bgp 

BGP table version is 9, local router ID is 172.16.1.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
172.16.0.0/24 0.0.0.0 

172.16.1.0/24 0.0.0.0 

172.16.2.0/24 AFOSAV cat 

172.16.3.0/24 P21 ott 
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Troubleshooting 


Step 1 Verify that the BGP neighbors are in the Established state using the show 
ip bgp neighbors command. 


If the neighbor relationship is not in the Established state, see section 8-23. 


Step 2 Ensure that at least one specific route in the BGP table is contained in the 
range of addresses that you want to aggregate using the show ip bgp 
command. 


Step 3 If at least one more-specific route is in the BGP table, go to Step 5. 


Step 4 If at least one more-specific route is not in the BGP table, do the 
following: 


— Check the syntax (address and mask) of your BGP network 
command. Go to Step 2. 


— If you're redistributing routes (connected, static, or from an IGP), 
make sure you are using the no auto-summary command. Check 
the syntax of your redistribution command(s). Go to Step 2. 


Step5 Verify that no filters are blocking the aggregate from being advertised. 


Step6 Verify the syntax of your route map and access list. 


1-3: aggregate-address address mask as-set advertise- 
map route-map-name 


Syntax Description: 


address—Aggregate IP address. 


mask—Aggregate mask. 


° route-map-name—Route map used to determine the prefixes used to form the 


aggregate. 


Purpose: To create an aggregate entry in the BGP table. An aggregate is created only if a 
more-specific route of the aggregate exists in the BGP table. Without the as-set option, the 
AS path information for the specific routes forming the aggregate is lost. This form of the 
aggregate-address command advertises the a aggregate while — the AS path 

information Soe et more- oe routes. ver d to determir 
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Configuration Example: Forming an Aggregate Based on a Subset 
of Prefixes from Different Autonomous Systems 


In Figure 1-5, Router A is learning about networks 172.16.0.0/24 and 172.16.1.0/24 from 
AS 65530 and networks 172.16.2.0/24 and 172.16.3.0./24 from AS 2. We will use the 
advertise-map option to base the aggregate on routes received from AS 65530. 


Figure 1-5 Aggregate Based on Routes from a Specific Autonomous System 


Base aggregate on routes 
from AS 65530 


172.16.0.0/24 AS 65530 172.16.2.0/24 AS 2 
172.16.1.0/24 AS 65530 172.16.3.0/24 AS 2 
PP adsense aoe SO 


172.16.2.0/24 


172.16.3.0/24 
172.17.1.2/24 172.17.1.1/24 


AS 65530 


Router A 

router bgp 1 

neighbor 10.1.1.2 remote-as 2 
neighbor 172.17.1.2 remote-as 65530 


interface loopback 0 
ip address 172.16.2.1 255.255.255.0 
! 


interface loopback 1 
ip address 172.16.3.1 255.255.255.@ 
! 


router bgp 2 

network 172.16.2.@ mask 255.255.255.0 
network 172.16.3.0 mask 255.255.255.@ 
neighbor 10.1.1.1 remote-as 1 

Router 

interface loopback @ 

ip address 172.16.0.1 255.255.255.0 

: 

interface loopback 1 

ip address 172.16.1.1 255.255.255.0 

! 

router bgp 65530 

network 172.16.0.0 mask 255.255.255.0 


ee ee 


——— 
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(Continued) 

network 172.16.1.@ mask 255.255.255.0 
neighbor 172.17.1.1 remote-as 1 

H 


Four loopbacks have been created—two on Router B and two on Router C. A BGP router 
can advertise an aggregate only if at least one specific route of the aggregate is in the BGP 
table. The BGP network commands are necessary on Routers B and C in order to place the 
routes into the BGP table. Before aggregating the loopback prefixes, verify that the specific 
routes are in the BGP table on Routers A, B, and C: 


rtrA#show ip bgp 

BGP table version is 35, local router ID is 172,17.1.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
172.16.0.0/24 172.17.1.2 Q ®@ 655390 i 
172.16.1.0/24 172.17.1.2 ) ®@ 65530 i 
172.16.2.0/24 10.1.1.2 ® @2i 
172.16.3.0/24 10.1.1.2 () @2i 

rtrbeshow ip bgp 

BGP table version is 13, local router ID is 172.16.3.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 

Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Metric LocPrf Weight Path 
172.16.0.0/24 1 Hess fe @ 1 65530 i 
172.16.1.0/24 oie ®@ 1 65530 i 
172.16.2.0/24 0.0. 32768 i 
172.16.3.0/24 .0.0. 32768 I 
#show ip bgp 
BGP table version is 35, local router ID is 172.17.1.2 
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes; i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
*> 172.16.0.0/24 0.0.0.0 ts) 
*> 172.16.1.0/24 2.0.0.0 

172.16.2.0/24 172.17.1.1 

172.16.3.0/24 172.17.1.1 


Now modify the BGP configuration on Router A to enable the advertisement of the 
aggregate: 
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The aggregate contains two routes from AS 65530 and two routes from AS 2. Router A 
should now be advertising the aggregate with itself as the next hop, indicating a loss of AS 
path information. The AS path information for the aggregate indicates that this prefix 
originates from AS 1. Routers B and C accept this route because their AS number does not 
appear in the AS path attribute. Normal BGP behavior is to reject any update containing 
your own AS number. 


BGP table veratan is 6, local router ID is 172.17.1.1 
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
172.16.0.0/24 172.17.1.2 ® ® 65530 i 


172.16.1.0/24 
172.16.2.0/24 
172.16.3.0/24 


rtrA#show ip bgp 172.16.@.0 255.255.252.0 
BGP routing table entry for 172.16.@.0/22, version & 
Paths: (1 available, best #1, table Default-IP-Routing-Table) 
Advertised to non peer-group peers: 
10.1.1.2 172.17.1.2 
Local, (aggregated by 1 172.17.1.1) 
0.0.0.0 from 0.0.0.0 (172.17.1.1) 


; pt 
BGP SR, version is 8, local router ID is 172.16.3.1 
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: j - IGP, e - EGP, ? ~- incomplete 


Network Next Hop Metric LocPrf Weight Path 
*> 172.16.0.0/24 10.1.1.1 ®@ 1 65530 i 


*> 172.16.1.0/24 yi Felct @ 1 65530 i 

*> 172.16.2.0/24 8.0.20 ® 32768 i 

*> 172.16.3.0/24 0.0 ol) @ 32768 I 

rtrC#show ip bgp 

BGP table version is 8, local router ID is 172.16.1.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
172.16.0.0/24 0.0.0.0 


172.16.1.0/24 
172.16.2.0/24 
172.16.3.0/24 
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Now use the as-set option on Router A in order to preserve AS path information. 


Router A 
router bgp 1 


neighbor 10.1.1.2 remote-as 2 
neighbor 172.17.1.2 remote-as 65530 


Verify that the AS path information has been preserved for the aggregate address on 
Router A: 


rtrA#show ip bgp 

BGP table version is 10, local router ID is 172.17.1.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 


*> 172.16.0.0/24 172.17.1.2 4) ®@ 65530 i 


*> 172.16.1.0/24 172.17.1.2 
*> 172.16.2.0/24 10.1.1.2 
*> 172.16.3.0/24 10.1.1.2 


The as-set option causes Router A to preserve the AS path information for the aggregate: 


ptrA#show ip bgp 172.16.0.0/22 

BGP routing table entry for 172.16.0.0/22, version 10 

Paths: (1 available, best #1, table Default-IP-Routing-Table) 
Advertised to non peer-group peers: 
10.1.1.2 172.17.1.2 


@.0.0.0 from 0.0.0.0 (172.17.1.1) 
Origin IGP, localpref 100, weight 32768, valid, aggregated, local, atomic- 
aggregate, best 


Routers B and C should reject the aggregate, because their AS number is now contained in 
the AS path attribute: 


rtrB#show ip bgp 
BGP table version is 9, local router ID is 172.16.3.1 


Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
*> 172.16.0.0/24 10.1.1.1 ®@ 1 65530 i 
*> 172.16.1.0/24 10.1.1.1 @ 1 65530 i 
*> 172.16.2.0/24 0.0.0.0 ® 32768 i 
"> 172.16.3.0/24 8.0.0.0 1) 32768 I 


continues 
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(Continued) 
rirC#show ip 
BGP table version is 9, local router ID is 172.16.1,1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
172.16.0,0/24 0.9,0.0 ® 

172.16.1.0/24 0.0.0.0 

172.16.2.0/24 172.17.1.1 

172.16.3.0/24 172.17.1.1 


Assume that you want to advertise the aggregate to AS 2 but not to AS 65530. You can 
accomplish this by retaining AS 65530 in the AS path information for the aggregate while 
suppressing AS 2. The advertise-map option is used to achieve this behavior. Modify the 
BGP configuration on Router A so that the aggregate contains only AS path 65530: 


Router A 
router bgp 1 


neighbor 10.1.1.2 remote-as 2 
neighbor 172.17.1.2 remote-as 65530 


$ 


This match command is 
not used correctly. It 
should match the ip 
addresses specified in 


ae tea fe The route map select-as permits only those routes that originated from AS 65530 to be 


correct command | used in forming the aggregate. Therefore, the aggregate AS path information contains only 


para cuties ,, |AS number 65530. We could use an IP as-path access filter to accomplish the same result: 


router bgp 1 

aggregate-address 172.16.0.0 255.255.252.0 as-set advertise-map select-as 
neighbor 10.1.1.2 remote-as 2 

neighbor 172.17.1.2 remote-as 65530 


If as path access list 


command is used, the 
match command: 
Match as-path 1 will be 
the correct one. 


Verification 
Verify that the AS path information for the aggregate contains only AS path 65530: 


rtrA#show ip bgp 
BGP table version is 6, local router ID is 172.17.1.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


ee St a see 


eS Se 
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(Continued) 


Network Next Hop Metric LocPrf Weight Path 
*> 172.16.0.0/24 172.17.1.2 @ 65530 i 


*> 172.16.1.0/24 
*> 172,.16,2.0/24 
*> 172.16.3.0/24 


rtrA#show ip bgp 172.16.0.0/22 


BGP routing table entry for 172.16.0.0/22, version 5 

Paths: (1 available, best #1, table Default-IP-Routing-Table) 
Advertised to non peer-group peers: 
10.1.1.2 172.17.1.2 


@.0.0.0 from @,0.0.0 (172.17,1.1) 
Origin IGP, localpref 100, weight 32768, valid, aggregated, local, atomic- 
aggregate, best 


Also verify that the aggregate is being accepted by Router B and rejected by Router C: 


rtrB#show ip bgp 

BGP table version is 34, local router ID is 172.16.3.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
172.16.0,0/24 10.1.1.1 @ 1 65530 i 


172.16.1.0/24 

172.16.2.0/24 

172.16.3.0/24 
rtrc#show 


Pp Dgp 
BGP table version is 25, local router ID is 172.16.1.1 
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
172.16.0.0/24 @.2.0.0 

172.16.1.0/24 0.0.0.0 

172.16.2.0/24 a ee a De | 

172.16.3.0/24 172.17.1.1 


Troubleshooting 


Step 1 Verify that the BGP neighbors are in the Established state using the show 
ip bgp neighbors command. 


If the neighbor relationship is not in the Established state, see section 8-23. 
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Step 2. Ensure that at least one specific route in the BGP table is contained in the 
range of addresses that you want to aggregate using the show ip bgp 
command, 


Step 3 If at least one more-specific route is in the BGP table, go to Step 5. 


Step 4 If there is not at least one more-specific route in the BGP table, do the 
following: 
— Check the syntax (address and mask) of your BGP network 
command. Go to Step 2. 


— If you're redistributing routes (connected, static, or from an IGP), 
make sure you are using the no auto-summary command. Check 
the syntax of your redistribution command(s). Go to Step 2. 


Step 5 Verify that no filters are blocking the aggregate from being advertised. 


Step6 Verify the syntax of your route map and access list or AS path list. 


1-4: aggregate-address address mask attribute-map 
route-map-name 


1-5: aggregate-address address mask route-map route- 
map-name 
Syntax Description: 
© address—Aggregate IP address. 
* mask—Aggregate mask. 
© yroute-map-name—Route map used to modify the aggregate’s attributes. 


Purpose: To create an aggregate entry in the BGP table. An aggregate is created only if a 
more-specific route of the aggregate exists in the BGP table. This form of the aggregate- 

address command can be used to modify the aggregate’s BGP attributes. The form of the 
command using the keyword route-map is equivalent to using the keyword attribute-map. 
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Configuration Example: Modifying the Aggregate’s Attributes 


Figure 1-6 shows Router A learning two routes from Router B and two routes from Router 
C. Router B aggregates these four routes and modifies the aggregate’s metric. 
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Figure 1-6 = An Attribute Map Is Used to Modify the Attributes of an Aggregate Route 


172.16.0.0/24 AS 65530 172.16.2.0/24 AS 2 
172.16.1.0/24 AS 65530 172.16.3.0/24 AS 2 
wae es 2 seb Sa 


172.16.0.0/24 4A. 1. 172.16.2.0/24 


172.16.1.0/24 * f ‘ 172.16.3.0/24 


172.17.1,2/24 72.17.4.1/24 


176.16.0.0/22 Metric = 50 172.16.0.0/22 Metric = 50 
<< 8 


Router A 
router bgp 1 
neighbor 10.1.1.2 remote-as 2 
neighbor 172.17.1.2 remote-as 65530 
Router B 
interface loopback 0 
ip address 172.16.2.1 255.255.255.0 
! 
interface loopback 1 
ip address 172.16.3.1 255.255.255.0® 
! 
router bgp 2 
network 172.16.2.0 mask 255.255.255.0 
network 172.16.3.0 mask 255.255.255.0 
neighbor 10.1.1.1 remote-as 1 
Router 
interface loopback @ 
ip address 172.16.0.1 255.255.255.0 
! 
interface loopback 1 
ip address 172.16.1.1 255.255.255.0 
! 
router bgp 65530 
network 172.16.0.0 mask 255.255.255.0 
network 172.16.1.@ mask 255.255.255.0 
neighbor 172.17.1.1 remote-as 1 
! 


Four loopbacks have been created—two on Router B and two on Router C. A BGP router 
can advertise an aggregate only if at least one specific route of the aggregate is in the BGP 
table. The BGP network commands are necessary on Routers B and C in order to place the 
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routes into the BGP table. Before aggregating the loopback prefixes, you need to verify that 
the specific routes are in the BGP table on Routers A, B, and C: 


rtrA#show ip bgp 

BGP table version is 35, local router ID is 144,223.1.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
172.16.0,0/24 17247.4 «2 ® 
172.16.1.0/24 72.47 1K2 ® 
172.16.2.0/24 10,1.1.2 @ 
10.1.1.2 “) 


p : 
BGP table version is 13, local router ID is 172.16.3.1 
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
172.16.0.0/24 10.1.1.1 @ 1 65530 i 
172.16.1.0/24 Chee @ 1 65530 i 
172.16.2.0/24 p 32768 i 
172.16.3.0/24 32768 I 

rtrc#show ip bg 

BGP table version is 35, local router ID is 172.17.1.2 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 

Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
172.16.0.0/24 0.0.0.0 

172.16.1.0/24 @.0.0.0 

172.16.2.0/24 72.17.44 

172.16.3.0/24 172.17.1.1 


Now modify the BGP configuration on Router A to enable the advertisement of the 
aggregate and to verify that the aggregate is being advertised to Routers B and C: 


Router A 

router bgp 1 

neighbor 1@.1.1.2 remote-as 2 
neighbor 172.17.1.2 remote-as 65530 


Verify that the aggregate is being advertised: 


rtrAf#show ip bgp 
BGP table version is 6, local router ID is 144.223.1.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 
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(Continued) 


Network Next Hop Metric LocPrf Weight Path 
172.16.0.0/24 172.17.1.2 


172.16.1.0/24 
172.16.2.0/24 
172.16.3.0/24 
rtrBéshow ip bgp 
BGP table version is 8, local router ID is 172.16.3.1 
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
172.16.0.0/24 @ 1 65530 i 


172.16.1.0/24 PS BEF @ 1 65530 i 
172.16.2.0/24 -@.8. $2768 i 
172.16.3.0/24 .0.0. 32768 I 
rtrC#show ip bgp 
BGP table version is 8, local router ID is 172.16.1.1 


Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
172.16.0.0/24 1) 32768 i 


172.16.1.0/24 
172.16.2.0/24 
172.16,3.0/24 


Router A 
router bgp 1 


neighbor 10.1,1.2 remote-as 2 
neighbor 172.17.1.2 remote-as 65530 
! 

route-map attrib permit 10 

set metric 50 


Verification 
Verify that the metric for the attribute has been modified: 


rtrAfshow ip bgp 
BGP table version is 6, local router ID is 172.17.1.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


continues 
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(Continued) 


Next Hop Metric LocPrf Weight Path 
172.17:452 


Network 
172.16.0.0/24 


172.16.1.0/24 
*> 172.16.2.0/24 
172.16.3.0/24 
rtrBashow ip bgp 
BGP table version is 60, local router ID is 172.16.3.1 

Status codes: s suppressed, d damped, h history, * Valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
*> 172.16.0.0/24 10.1.1.1 @ 1 65530 i 


*> 172,16,1.0/24 1 F @ 1 65530 i 
*> 172.16.2.0/24 ®.9.0.9 Q 32768 i 
*> 172.16.3.0/24 ®.0.0.0 32768 I 


rtrc#show ip bgp 

BGP table version is 48, local router ID is 172.16.1.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
172,16.0.0/24 0.0.0.0 i) 32768 i 


172.16.1.0/24 
*> 172.16.2.0/24 
172.16.3.0/24 


Troubleshooting 
Step 1 Verify that the BGP neighbors are in the Established state using the show 
ip bgp neighbors command. 
If the neighbor relationship is not in the Established state, see section 
8-23. 


Step 2. Ensure that at least one specific route in the BGP table is contained in the 
range of addresses that you want to aggregate using the show ip bgp 
command. 


Step 3 If at least one more-specific route is in the BGP table, go to Step 5. 


Step 4 If there is not at least one more-specific route in the BGP table, do the 
following: 


— Check the syntax (address and mask) of your BGP network 
command. Go to Step 2. 
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— If you’re redistributing routes (connected, static, or from an IGP), 
make sure you are using the no auto-summary command. Check 
the syntax of your redistribution command(s). Go to Step 2. 


Step5 Verify that no filters are blocking the aggregate from being advertised. 


Step6 Verify the syntax of your route map. 


1-6: aggregate-address address mask summary-only 
Syntax Description: 
© address—Aggregate IP address. 
© mask—Aggregate mask. 


Purpose: To create an aggregate entry in the BGP table. An aggregate is created only if a 
more-specific route of the aggregate exists in the BGP table. This form of the aggregate- 
address command advertises the aggregate while suppressing all the more-specific routes. 
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Configuration Example: Advertise an Aggregate While Suppressing 
the More-Specific Routes 


In Figure 1-7, Router B is generating an aggregate for 172.16.0.0/22 while suppressing the 
specific routes that comprise the aggregate. 


Figure 1-7 Suppressing the Specific Routes of the Aggregate 


172.16.0.0/24 Suppressed 
172.16.1.0/24 Suppressed 
172.16.2.0/24 Suppressed 
172.16.3.0/24 Suppressed 
172.16,0.0/22 (Aggregate) 


172.16.0.0/24 
172.16.1.0/24 


172.16.2.0/24 
172.16.3.0/24 
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Router A 
router bgp 1 
neighbor 10.1.1.2 remote-as 2 


Router E 
interface loopback @ 

ip address 172.16.0.1 255.255.255.0 
! 
interface loopback 1 

ip address 172.16.1.1 255.255.255.0 
! 
interface loopback 2 

ip address 172.16.2.1 255.255.255.0 
! 

interface loopback 3 

ip address 172.16.3.1 255.255.255.0 
! 

router bgp 2 

network 172.16.0.@ mask 255.255.255.0 
network 172.16.1.0 mask 255.255.255.0 
network 172.16.2.0 mask 255.255.255.0 
network 172.16.3.0 mask 255.255.255.0 
neighbor 10.1.1.1 remote-as 1 

! 


Four loopbacks have been created on Router B to simulate the locally sourced routes that 
will be aggregated. A BGP router can advertise an aggregate only if at least one specific 
route of the aggregate is in the BGP table. The BGP network commands are necessary on 
Router B in order to place more-specific routes of the aggregate into the BGP table. Before 
aggregating the loopback prefixes, you need to verify that the specific routes are in the BGP 
tables on Routers A and B: 


rtrA#show ip bgp 
BGP table version is 16, local router ID is 172.17.1.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 

*> 172.16.0.0/24 10.1.1.2 Vs) @2i 
*> 172,16.1.0/24 1G.4.5:1.2 v) 
*> 172.16.2.0/24 10.1.1.2 i) 
2.16.3.0/24 16,.4,.1./2 Q 


- p 
BGP table version is 6, local router ID is 172.16.3.1 
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
*> 172.16.0.0/24 0.8.0.0 a 32768 i 
*> 172.16.1.0/24 0.0.0.9 \) 32768 i 
*> 172.16.2.0/24 0.%.0.9 V4) 32768 i 
*> 172.16.3.0/24 0.9.0.0 vt) 32768 i 
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ony ow 


Now modify the BGP configuration on Router B to enable the advertisement of the 
aggregate while suppressing the more-specific routes: 


Router B 

router bgp 2 

network 172.16.0.0 mask 255.255.255.0 
network 172.16.1.@ mask 255.255.255.0 


network 172.16.2.@ mask 255.255.255.0 
network 172.16.3.0 mask 255.255.255.0 


neighbor 10.1.1.1 remote-as 1 


: Pecans you need Sonily one eirionsapboiiod route in the BGP fable in onder to 
generate the prefix, you could use only one network command. The problem with using only 
one network command is that if the network goes down, the more-specific route is withdrawn 
from the BGP table. If the only specific route in the BGP table is withdrawn, the aggregate is 
withdrawn as well. If you use a network command for every prefix that is contained in the 
aggregate, the aggregate is advertised as long as one of the more-specific routes is up. 


Verification 
Verify that the aggregate address is in both the Router A and B BGP tables and that the 
more-specific routes have been suppressed: 


rtrA#show ip bgp 

BGP table version is 18, local router ID is 172.17.1.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
*> v2. 16.0.0/22 10.1.1.2 0 2 I 


PS p ‘ 
BGP table version is 11, local router ID is 172.16.3.1 


Status codes: s sunoressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network php Metric LocPrf Weight Path 
172.16.0,0/24 a) v1) 32768 i 
172.16.0.0/22 0 32768 i 
172.16.1.0/24 .® @ 32768 i 
172.16.2.0/24 -@ Q 32768 i 

-® i 


172.16.3.0/24 ® 32768 1 


Examine the specific information for one of the specific routes on Router B: 


rtrBéshow ip bgp 172.16.2.0 
BGP routing table entry for 172.16.2.0/24, version 9 
Paths: (1 available, best #1) 


continues 
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(Continued) 


Not advertised to any peer 
Local 


0.0.0.0 from 0.0.0.0 (172.16.3.1) 
Origin IGP, metric @, localpref 100, weight 32768, valid, sourced, local, 
best, ref 2 


Troubleshooting 


Step 1 Verify that the BGP neighbors are in the Established state using the show 
ip bgp neighbors command. 


If the neighbor relationship is not in the Established state, see section 
8-23. 


Step 2 Ensure that at least one specific route in the BGP table is contained in the 
range of addresses that you want to aggregate using the show ip bgp 
command, 


Step 3 If at least one more-specific route is in the BGP table, go to Step 5. 


Step 4 If there is not at least one more-specific route in the BGP table, do the 
following: 


— Check the syntax (address and mask) of your BGP network 
command. Go to Step 2. 


— If you're redistributing routes (connected, static, or from an IGP), 
make sure you are using the no auto-summary command. Check 
the syntax of your redistribution command(s). Go to Step 2. 


Step 5 Verify that no filters are blocking the aggregate from being advertised. 


Step6 Verify that the specific routes of the aggregate are being suppressed using 
the show ip bgp command. 


1-7: aggregate-address address mask suppress-map 
route-map-name 
Syntax Description: 
© address—Aggregate IP address. 
© mask—Aggregate mask. 


© youte-map-name—Name of the route map that is used to determine which specific 
prefixes will be suppressed. 
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Purpose: To create an aggregate entry in the BGP table. An aggregate is created only if a 
more-specific route of the aggregate exists in the BGP table. This form of the aggregate- 
address command advertises the aggregate while suppressing the more-specific routes 
indicated by the route map. 


Cisco IOS Software Release: |0.0 


Configuration Example: Suppressing a Subset of the More-Specific 
Routes Used to Form the Aggregate 


In Figure 1-8, Router B is generating an aggregate for 172.16.0,0/22 while suppressing one 
of the more-specific prefixes, 


Figure 1-8 Suppressing Specific Prefixes 


172.16,0.0/24 

172.16.1.0/24 

172.16.2.0/24 Suppressed 

172.16.3.0/24 

172.16.0.0/22 (Aggregate) 
—— ee 


172.16.0.0/24 
172.16,1,0/24 
172.16.2.0/24 
172.16.3,0/24 


interface loopback @ 

ip address 172.16.0.1 255.255.255.@ 

t 

interface loopback 1 

ip address 172.16.1.1 255.255.255.@ 

t 

interface loopback 2 

ip address 172.16.2.1 255.255.255.090 

! 

interface loopback 3 

ip address 172.16.3.1 255.255.255.0 

! 

router bgp 2 

network 172.16.@.0 mask 255.255.255.0 

network 172.16.1.@ mask 255.255.255.0 
continues 
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(Continued) 

network 172.16.2.0 mask 255.255.255.090 
network 172.16.3.@ mask 255.255.255.0 
neighbor 10.1.1.1 remote-as 1 

! 


Four loopbacks have been created on Router B to simulate the locally sourced routes that — 
will be aggregated. A BGP router can advertise an aggregate only if at least one specific 
route of the aggregate is in the BGP table. The BGP network commands are necessary on 
Router B in order to place more-specific routes of the aggregate into the BGP table. Before — 
aggregating the loopback prefixes, you need to verify that the specific routes are in the BGP 
tables on Routers A and B: 


rtrA#show ip bgp 

BGP table version is 16, local router ID is 172.17.1.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Metric LocPrf Weight Path 
172.16.%.0/24 5 ap 4) @2i 
172.16.1,0/24 Q @2i 
172.16.2.0/24 Sy BP FA Q @2i 
une 16.3,0/24 4) @2i 


BGP table version is 6, local router 1D is 172.16.3.1 
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
172.16.0.0/24 .2. ts] 32768 i 
172.16.1.0/24 -@. ® 32768 i 
172.16.2.0/24 -@, 4) 32768 i 
172.16.3.0/24 .@. 0 32768 i 


Now modify the BGP configuration on Router B to enable the advertisement of the 
aggregate while suppressing the more-specific route 172.16.2.0/24: 


Router B 

router bgp 2 
network 172.16 
network 172.16 
network 172.16. 
network 172.16. 


@ mask 255.255.255.090 
@ mask 255.255.255.0 
@ mask 255.255.255.0 
bd mask 255.255.255.0 


neighbor 1@.1.1.1 remote-as 1 ; 
! 


. 


® 
1. 
ys 
3. 


4 
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— ——___rrrrrrnrnrnnnnnnEEEEEEEEEEEEEEE 


The form of the route map used permits routes to be suppressed. This example permits 
prefix 172.16.2.0/24 to be suppressed. The prefixes that are contained in the aggregate that 
are not specifically matched by the route map will not be suppressed. 


Verification 


Verify that the aggregate address is in both the Router A and B BGP tables and that the 
more-specific route 172.16.2.0/24 has been suppressed: 


rtrAfshow ip bgp 

BGP table version is 29, local router ID is 172.17.1.1 

Status codes: $ suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Metric LocPrf Weight Path 
172.16.0.0/24 @2i 
172.16.0.0/22 @2i 
172.16.1.0/24 “Fs @2i 
172.16.3.0/24 @2i 
rtrBeshow ip bgp 
BGP table version is 7, local router ID is 172.16.3.1 
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Metric LocPrf Weight Path 
*> 172.16.0.0/24 -@.9. @ 32768 i 
*> 172.16.0.0/22 ; 32768 i 
*> 172.16.1.0/24 .0.0. @ 32768 i 


*> 172.16.3,0/24 0.0.0.0 ® 32768 i 


Examine the specific information for prefix 172.16.2.0/24 on Router B: 


rtrBéshow ip bgp 172.16.2.0 
BGP routing table entry for 172.16.2.0/24, version 7 
Paths: (1 available, best #1) 


Not advertised to any peer 


Local 


®.0.0.0 from 0.0.0.0 (172.16.3.1) 


Origin IGP, metric 0, localpref 100, weight 32768, valid, sourced, local, 
best, ref 2 


Troubleshooting 


Step 1 Verify that the BGP neighbors are in the Established state using the show 
ip bgp neighbors command. 


If the neighbor relationship is not in the Established state, see section 8-23. 
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Step 2 


Step 3 
Step 4 


Step 5 
Step 6 


Ensure that at least one specific route in the BGP table is contained in the 
range of addresses that you want to aggregate using the show ip bgp 
command. 


If at least one more-specific route is in the BGP table, go to Step 5. 


If there is not at least one more-specific route in the BGP table, do the 
following: 


— Check the syntax (address and mask) of your BGP network 
command. Go to Step 2. 


— If you’re redistributing routes (connected, static, or from an IGP), 
make sure you are using the no auto-summary command. Check 
the syntax of your redistribution command(s). Go to Step 2. 


Verify that no filters are blocking the aggregate from being advertised. 


Verify the syntax of your route map and access list. 


37 
x) On page 11, Example 4 — Aggregating Using a Static Route has errors. 


router bgp 2 Configuration here without 
using network commands for 

neighbor 10.0.0.1 remote-as 1 the four loopback networks 

no auto-summary 172.16.0.0 — 172.16.3.0. 
Therefore only the highlighted 

no ip classless routes should be appear in the 
bgp tables 


! 


rtrA#sh ip bgp 
BGP table version is 6, local router ID is 172.17.1.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - inter 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
*> 172.16.0.0/24 10.0.0.2 


*> 172.16.1.0/24 10.0.0.2 
*> 172.16.2.0/24 10.0.0.2 0 021 
*> 172.16.3.0/24 10.0.0.2 


rtrB#sh ip bgp 

BGP table version is 6, local router ID is 172.16.3.1 

Status codes: s suppressed, d damped, h history, * valid, > bgt, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weighy Path 
*> 172.16.0.0/24 0.0.0.0 32768 i 


*> 172.16.1.0/24 0.0.0.0 32768 i 
*> 172.16.2.0/24 0.0.0.0 32768 i 
*> 172.16.3.0/24 0.0.0.0 32768 i 


Same as for routing entries in Router A, if network commands are not used, only one summarized route is present, 
otherwise, there will be five entries learned from BGP neighbour Router B. Compare the following two routing tables: 


rtrA#sh ip route rtrA#sh ip route 

Codes: C - connected, S - static, I- IGRP, R - RIP, M - mobile, B - BGP Codes: C - connected, S - static, I- IGRP, R - RIP, M - mobile, B - BGP 
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
NI - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 
El - OSPF external type 1, E2 - OSPF external type 2, E - EGP E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP 
i-IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default i-IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default 
U - per-user static route, o - ODR U - per-user static route, o - ODR 


Gateway of last resort is not set Gateway of last resort is not set 


C  192.168.10.0/24 is directly connected, EthernetO C  192.168.10.0/24 is directly connected, EthernetO 
172.16.0.0/16 is variably subnetted, 5 subnets, 2 masks 172.16.0.0/22 is subnetted, 1 subnets 
172.16.0.0/24 [20/0] via 10.0.0.2, 00:00:08 B 172.16.0.0 [20/0] via 10.0.0.2, 01:55:49 
172.16.0.0/22 [20/0] via 10.0.0.2, 01:42:25 10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks 
172.16.1.0/24 [20/0] via 10.0.0.2, 00:00:08 10.0.0.2/32 is directly connected, Serial 
172.16.2.0/24 [20/0] via 10.0.0.2, 00:00:08 10.0.0.0/8 is directly connected, Serial0 
172.16.3.0/24 [20/0] via 10.0.0.2, 00:00:08 
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aggregate-address command options: 


rtrB(config-router)#aggregate-address 150.50.0.0 255.240.0.0 ? 
advertise-map Set condition to advertise attribute 
as-set Generate AS set path information 
attribute-map Set attributes of aggregate 
route-map Set parameters of aggregate 
summary-only Filter more specific routes from updates 
suppress-map Conditionally filter more specific routes from updates 
<cr> 


Command Purpose 


aggregate- address address Create an aggregate entry in the BGP 
nask routing table. 


aggregate- address address Gener ates autononous systemset path 
nask as- set i nf or nati on. 


aggregate- address addr ess- Advertise sunmary addresses only. 
nask sunmary- onl y 


aggregate- address address Suppress selected, nore speci fic 
nask suppress- nap nap- nane routes. 


aggregate- address address Generate an aggregate based on 
nask advertise-nap nap-nane | conditions specified by the route nap. 


aggregate- address address Generate an aggregate wth attri butes 
nask attri bute-nap nap-nane | specified in the route nap. 


2 


Auto-Summary 


2-1: auto-summary 


Table 2-1 


Syntax Description: 
This command has no arguments. auto-summary is enabled by default. 


Purpose: When auto-summary is enabled, routes injected into BGP via redistribution are 
summarized on a classful boundary. A 32-bit IP address consists of a network address and 
a host address. The subnet mask determines the number of bits used for the network address 
and the number of bits used for the host address. The IP address classes have a natural or 

standard subnet mask, as shown in Table 2-1. 


IP Address Classes 


Address Range Natural Mask 
(A | 1.0.0.0 to 126.0.0.0 255,0.0.0 or 8 
[B_ | 1281.0.0t0 191.254.0.0 255.255.0.0 or /16 


A 
Cc 192.0.1,0 to 223.255.254.0 255.255.255.0 or /24 


Reserved addresses include 128.0.0.0, 191.255.0.0, 192.0.0.0, and 223.255.255.0 


When using the standard subnet mask, Class A addresses have one octet for the network, 
Class B addresses have two octets for the network, and Class C addresses have three octets 
for the network, As an example, consider the Class B address 156.26,32.1 with a 24-bit 
subnet mask. The 24-bit subnet mask selects three octets, 156.26.32, for the network. The 
last octet is the host address. If the network 156.26.32.1/24 is learned via an IGP and is then 
redistributed into BGP, the network is automatically summarized to the natural mask for a 
Class B network. The network that BGP advertises is 156.26.0.0/16. BGP is advertising 
that it can reach the entire Class B address space from 156.26.0.0 to 156.26.255.255. If the 
only network that can be reached via the BGP router is 156.26.32.0/24, BGP is advertising 
254 networks that cannot be reached via this router. 


auto-summary does not apply to routes injected into BGP via the network command or 
through IBGP or EBGP. 


Cisco LOS Software Release: 10.0 
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Configuration Example: Automatic Route Summarization 


This example demonstrates the effect of automatic route summarization. In Figure 2-1, 
static routes, connected routes, and routes learned via OSPF are being redistributed into 
BGP as shown in the following configurations. The redistributed routes are summarized to. 
a classful boundary by BGP because auto-summary is enabled by default. 


Automatic BGP Route Summarization Applies Only to Redistributed Routes 


144.223.1.1/24 


172.17.1.2 


Router A 
interface loopback 2 

ip address 144.223.1.1 255.255.255.0 

! 

router bgp 1 
network 144,223.1.1 mask 255.255.255.@ 
neighbor 172.17.1.1 remote-as 2 
Router B 
router ospf 1 

network 10.0.0.0 0.255.255.255 area ® 

! 
router bgp 2 

redistribute ospf 1 

redistribute static 

redistribute connected 

neighbor 172.17.1.2 remote-as 1 

! 
ip route 198.8.4.126 255.255.255.128 Ethernet 0 
Router 
interface loopback 0 j 
ip address 205.40.30.129 255.255.255.192 
! 
router ospf 1 
network 10.0.@.0 @.255.255.255 area 0 
network 205.0.0.0 @.255.255.255 area 51 


If this prefix were automatically summarized to a classful boundary, the prefix in the BGP 
table would be 144.223.0.0/16. Because the network command was used to inject this 
route into BGP, summarization should not have occurred. 
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rtrA#show ip bgp 

BGP table version is 14, local router ID is 144.223.1.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, @ - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
*> 10.0.0.9 172.17.1.1 @ 


172.16.0.0 
198.8.4.0 
205.40.30.8 


Router B is learning about network 205.40.30.128 from router C via OSPF. Router B also 
has a route to network 198.8.4.128 via a static route, as shown in the IP routing table. 


rtrB#show ip route 
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP 
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP 
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area 
* - candidate default, U - per-user static route, o - ODR 
P - periodic downloaded static route 


Gateway of last resort is not set 


172.17.0,0/24 is subnetted, 1 subnets 

172.17.1.@ is directly connected, Ethernetd/0 
172.16.0.0/24 is subnetted, 1 subnets 

172.16.2.0 is directly connected, Loopbackd 
144.223.0.0/24 is subnetted, 1 subnets 

144.223.1.0 [20/0] via 172.17.1.2, 00:27:30 
10.0,.0.0/30 is subnetted, 1 subnets 

10.1.1.0 is directly connected, Serial2/0 


rtrB#show ip bgp 

BGP table version is 12, local router ID is 172.16.2.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
*> 10.0.0.0 2.0.0.0 32768 7 
*> 144.223.1.0/24 V2.97.64:2 Qi 
*> 172.16.0.0 0.0.0.0 32768 7 
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Router advertises the 198.8.4.0 and 205.40.30.0 prefixes to Router A via BGP: 


rtrA#show ip bgp 
BGP table version is 14, local router 1D is 144,223.1.1 

Status codes: s suppressed, d damped, h history, * valid, > best, 1 - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 

*> 10.0.0.0 172.17.1.1 vt) 027? 
*> 144.223.1.0/24 0.0.0.0 i) 32768 i 

@2? 


*> 172.16.0.@ VW72047.1.-1 


auto-summary can cause routing problems if the advertising router does not own the entire 
summarized prefix. For example, if you redistribute only one subnet of a Class B address 
into BGP, BGP advertises the entire Class B address space if auto-summary is enabled. 
Typically, you want to disable auto-summary on your BGP routers. Modify the 
configuration on Router B so that auto-summary is disabled. 


Router B 
router bgp 2 

redistribute ospf 1 
redistribute static 
redistribute connected 
neighbor 172.17.1.2 remote-as 1 


Verification 
Verify that Router B is no longer creating summaries for the redistributed routes. 


router B#éshow ip bgp 
BGP table version is 20, local router ID is 172.16.2.1 

Status codes: $s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
*> 10.1.1.0/30 @.0,0.0 i) 32768 ? 
*> 144.223.1,.0/24 172.17.1.2 ® @1i 


32768 7? 


*> 172.16.2.0/24 0.0.0.0 


a A TN 


’ _ 
ummary 
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BGP-Specific Commands 


3-1: bgp always-compare-med 


Syntax Description: 


This command has no arguments. 


Purpose: If multiple BGP routes to the same destination exist, BGP selects the best path 
based on the route attributes in the following order: 


1 


ao a & 8 ND 


Ignore a route if the next hop is not known. 
Ignore IBGP routes that are not synchronized. 
Prefer the route with the largest weight. 

Prefer the route with the largest local preference. 
Prefer the route that was locally originated. 
Prefer the route with the shortest AS path. 


If you're using bgp bestpath as-path ignore, skip this step, When you use the as-set 
option for aggregated routes, as_set counts as | regardless of the number of AS entries 
in the set. Confederation sub-AS numbers are not used to determine the AS-path 
length. 
ya rT with the | ; rioir { nd ag ( 


e lowest MED. 


Freres Ue bu ~ Wilts | 


Prefer the route with th 
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9 Prefer EBGP routes to IBGP routes. 
10 Prefer the route with the nearest IGP neighbor. 
11 Prefer the oldest route. 
12 Prefer the path received from the router with the lowest router ID. 


BGP normally does not compare MED values for routes from different autonomous 
systems. This command allows for the comparison of MED values for routes from different 
autonomous systems. 


Cisco IOS Software Release: 11.0 


Configuration Example: Comparing MED Values from Different 
Autonomous Systems 


In Figure 3-1, Router B is learning about network 193.16.1.0/24 from Routers A and Ce 


AS 4 is being simulated using loopbacks, a static route, and route maps. i 


Figure 3-1 MEDs From Different Autonomous Systems Are Normally Not Compared 


193.16.1.0/24 


193.16.1.0/24 


193.16.1.0/24 MED = 200, 193.16.1.0/24 MED = 100 
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Router A 
interface Loopback® 
ip address 5.5.5.5 255.255.255.255 
! 
interface FastEthernet@ 
ip address 172.17.1.2 255.255.255.0 
! 
router bgp 1 
redistribute static route-map setmed 
neighbor 172.17.1.1 remote-as 2 
neighbor 172.17.1.1 route-map seths out 
no auto-summary 
I 
ip route 193.16.1.@ 255.255.255.080 Loopback® 
route-map setmed permit 10 
set metric 200 
route-map setmas permit 10 
set as-path prepend 4 ate a ae 
Router B 
interface Ethernet0/0 
ip address 172.17.1.1 255.255.255.0 
! 
interface Serial2/0 
ip address 10.1.1.1 255.255.255.252 
clockrate 64000 
! 
router bgp 2 
neighbor 10.1.1.2 remote-as 3 
neighbor 172.17.1.2 remote-as 1 


interface Loopback1 
ip address 6.6.6.6 255.255.255.255 
! 
interface Seriald 
ip address 10.1.1.2 255.255.255.252 
! 
router bgp 3 
redistribute static route-map setmed 
neighbor 10.1.1.1 remote-as 2 
neighbor 10.1.1.1 route-map setas 
no auto-summary 
! 
route-map setmed permit 10 
set metric 100 
route-map setas permit 10 
set as-path prepend 4 
ip route 193.16.1.0 255.255.255.@ Loopback! 


Router A is advertising network 193.16.1.0/24 with a metric or MED of 200, and Router C 
is advertising network 193.16.1.0/24 with a metric or MED of 100. Because Routers A and 
‘ C are in different autonomous systems, Router B does not use the MED value to determine 
the best path. From the best path selection criteria, we can see that Router B uses the router 
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ID to determine the best path to 193.16.1.0/24. The BGP ID of a neighbor BGP router can 
be found by using the show ip bgp neighbors command. A router’s own BGP ID can be 
found using the show ip bgp summary or show ip bgp commands. 


rtrA#show ip bgp summary 


BGP table version is 3, main routing table version 3 
1 network entries and 1 paths using 133 bytes of memory 
1 BGP path attribute entries using 52 bytes of memory 
@ BGP route-map cache entries using @ bytes of memory 
@ BGP filter-list cache entries using ® bytes of memory 
BGP activity 2/3 prefixes, 5/4 paths 


Neighbor V AS MsgRevd MsgSent TblVer InQ OutO Up/Down State/PfxRAcd 


122 123 ) @ 01:45:46 ® 


— i7. 1.1 4 


BGP version 4, remote router ID 6.6.6.6 
BGP state = Established, up for 01:49:19 


remote AS 1, external link 


BGP neighbor is 172.17.1.2, 


sad state = oe up for 01:46:44 


BGP table version is 3, main routing table version 3 
1 network entries and 2 paths using 153 bytes of memory 
2 BGP path attribute entries using 192 bytes of memory 
BGP activity 1/@ prefixes, 3/1 paths 


Neighbor V AS MsgRcvd MsgSent TblVer InQ@ OutQ Up/Down State/PfxRcd 


3 @ @ 01:52:18 1 


139 141 


4 


2 


10.1.1.1 


Inspect the BGP table on Router B to ensure thé 
193.16.1.0/24 is being learned from both Routers A and C. . 


rtrBéshow ip bgp 

BGP table version is 3, local router ID is 172.17.1.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, 7? - incomplete 


Network Next Hop Metric LocPrf Weigh 
* 193.16.1.0 10.1.1.2 100 
172.17.1.2 200 


rtrBéshow ip route —— 
Codes: C - connected, S - static, I - IGRP, R - AIP, M - mobile, B - BGP 
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter aren. 
N1_- OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 

£1 - OSPF external type 1, E2 - OSPF external type 2, & - EGp 

i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS$ inter area 
* - candidate default, U - per-user static route, 0 - opR 

P - periodic downloaded static route 


Gateway of last resort not set 


172.17.8.0/24 is subnetted, 1 subnets 

Cc 172.17.1.0 is directly connected, Etherneto/o 
172.16.0.0/24 is subnetted, 1 subnets 

10.0.0.0/30 is subnetted, 1 subnets 

Cc 10.1.1.0 is directly connected, Serial2/0 


IED values from 


Modify the BGP configuration on Router B to allow the comparison of } 
aay ere or ar . 


different autonomous systems. owt 


Router B 
router bgp 2 


neighbor 172. 


Verification 


Verify that the best path to 193.16.1.0/24 has changed to the route with the lowest MED. 


rtrBéshow ip bgp 
BGP table version is 4, local router ID is 172.17.1.1 
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 
Network Next Hop Metric LocPrf Weight Path 
T7217 E42 200 0147? 


rtrB show ip route 


Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP 
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
Ni - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP 
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - 15-15 inter area 
* - candidate default, U - per-user static route, o - ODR 
P - periodic downloaded static route 


Gateway of last resort is not set 


172.17.0.0/24 is subnetted, 1 subnets 
Cc 172.17.1.@ is directly connected, Ethernet®/@ 
continues 
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(Continued) 


172.16.0.0/24 is subnetted, 1 subnets 


$s 172.16.4.0 is directly connected, Serial2/® 
10.0.0.0/30 is subnetted, 1 subnets 
c 10.1.1. is directly connected, Serial2/0 * 
Troubleshooting 


Step 1 Verify that the BGP neighbors are in the Established state using the show 


Step 2 


ip bgp neighbors command. 


If the neighbor relationship is not in the Established state, see section 8-23. 


3-2: bgp bestpath as-path ignore 


Syntax Description: 


This command has no arguments. 


Purpose: If multiple BGP routes to the same destination exist, BGP selects the best p: 
based on the route attributes in the following order: 


1 


2 
3 
4 
5 
6 


Ignore a route if the next hop is not known. 


Ignore IBGP routes that are not synchronized. 

Prefer the route with the largest weight. . 
Prefer the route with the largest local preference. 

Prefer the route that was locally originated. 

Prefer the route with the shortest AS path. ' 


If you're using bgp bestpath as-path ignore, skip this step. When you use the as-set_ 
option for aggregated routes, as_set counts as | regardless of the number of AS entr 
in the set. Confederation sub-AS numbers are not used to determine the AS-path leng 


7 Prefer the route with the lowest origin (IGP < EGP < Incomplete). 


Prefer the route with the lowest MED. This comparison is only between routes 
advertised by the same external AS. 


If you're using bgp always-compare-med, compare MEDs for all paths. If used, his 
command needs to be configured on every BGP router in the AS. 


If you're using bgp bestpath med-confed, the MEDs are compared only for routes” 
that have an AS confederation sequence in their AS-path attribute. 


If a prefix is received with no MED value, the prefix is assigned a MED value of 0. If 
you're using bgp bestpath med missing-as-worst, a prefix with a missing MED 
value is assigned a MED value of 4,294,967,294. 


9 Prefer EBGP routes to IBGP routes. 
10 Prefer the route with the nearest IGP neighbor. 
11 Prefer the oldest route. 
12 Prefer the path received from the router with the lowest router ID. 


The shortest AS-path normally is used to select the best path if there are multiple routes to 
the same destination. This command allows the router to ignore AS-path information when 
making a best path determination. 


Cisco IOS Software Release: | 2.0 


i“ 
ud 


Configuration Example: Ignoring the AS-Path Attribute When 
Making a Best Path Selection 


In Figure 3-2, Router B is learning about network 193.16.1.0/24 from Routers A and C. ASs 4 
and 5 are simulated using loopbacks, a static route, and a route map. The simulated autonomous 
systems are used to create a longer AS-path attribute for the route being advertised by Router A. 


Figure 3-2. The AS-Path Attribute Is Normally Used to Make a Best Path Determination 


193.16.1.0/24 


Router ID -5.5.5.5 
AS1 


193,16.1.0/24 AS path=154 193.16,1.0724 AS path=34 4° 
EE ad <r _CS— 
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Router A 
interface Loopback® 
ip address 5.5.5.5 255.255.255.255 
! 
interface FastEthernet® 
ip address 172.17.1.2 255.255.255.0 
! 
router bgp 1 
redistribute static 
neighbor 172.17.1.1 remote-as 2 
neighbor 172.17.1.1 route-map setas out 
no auto-summary 
' 
ip route 193.16.1.0 255.255.255.0 Loopback® 
route-map setas perm 2 
set as-path prepend 
Router B 
interface Ethernet0/0 
ip address 172.17.1.1 255.255.255.080 
! 
interface Serial2/0 
ip address 10.1.1.1 255.255.255.252 
clockrate 64000 
! 
router bgp 2 
neighbor 10.1.1.2 remote-as 3 
neighbor 172.17.1.2 remote-as 1 


interface Loopback1 

ip address 6.6.6.6 255.255.255.255 

! 

interface Serial@ 

ip address 10.1.1.2 255.255.255.252 

! 

router bgp 3 

redistribute static 

neighbor 10.1.1.1 remote-as 2 
neighbor 10.1.1.1 route-map setas out 
no auto-summary 

! 

route-map setas permit 10 

set as-path prepend 4 

ip route 193.16.1.0 255.255.255.@ Loopback! 


Router A is advertising network 193.16.1.0/24 with an AS-path of 1 5 4, and Router Cis 

advertising network 193.16,1.0/24 with an AS-path of 3 4. Router 5 selects he path for 

193.16.1.0/24 from Router C as the best path because the ; 
% 


| 
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rtrBsshow ip bgp 

BGP table version is 2, local router ID is 172.17.1.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
* 493.16.1.0 172.17.1.2 1) @1547 


rtrB#show ip route 
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP 
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP 
i - IS-IS, Li - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area 
* - candidate default, U - per-user static route, o - ODR 
P - periodic downloaded static route 


Gateway of last resort is not set 


172.17.0.0/24 is subnetted, 1 subnets 
c 172.17.1.0 is directly connected, Ethernet@/o 
172.16.0.0/24 is subnetted, 1 subnets 
10.0.0.0/30 is subnetted, 1 subnets 
Cc 10.1.1.0 is directly connected, Serial2/@ 


Modify the BGP configuration on Router B so that the AS-path is not used to make the best 
path selection. 


Verification 


Router A has a lower router ID than Router C. If all other path selection criteria are equal, 
the route learned from Router A is used. Because the AS-path attribute is being ignored, the 
best path should be toward Router A due to its lower router ID value. The router ID values 
can be found using the show ip bgp command on Routers A and C: 


rtrA#show ip bgp 


Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e@ - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
* 193.16.1..0 172.17.1.1 @2347 
*> 0.0.0.0 Q 32768 ? 


~ 


continues 
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(Continued) 
eee 
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete ; 


Network 
*> 193.16.1.@ 


Next Hop 
0.0.9.2 


Metric LocPrf Weight Path 
ts) 32768 ? 


Verify that the best path to 193.16.1.0/24 has changed to the route advertised by Router, 


rtrBéshow ip bgp 
BGP table version is 2, local router ID is 172.17.1.1 
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
* >193.16.1.0 172.17.1.2 0 01547 
S 10.1.1.2 Vs) ®@347 


rtrB#show ip route 
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP 
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 

E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP 

i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area’ 
* - candidate default, U - per-user static route, o - ODR 
P - periodic downloaded static route 


Gateway of last resort is not set 


172.17.8.0/24 is subnetted, 1 subnets 


Cc 172.17.1.0 is directly connected, Ethernet/@ 
172.16.0.0/24 is subnetted, 1 subnets <) 
19.0.@.0/38 is subnetted, 1 subnets (ow 


c 10.1.1.0 is directly connected, Serial2/0 


Troubleshooting 


Step 1 Verify that the BGP neighbors are in the Established state using the show 
ip bgp neighbors command. 


If the neighbor relationship is not in the Established state, see section 8-23. 


Step 2 The BGP decision algorithm might determine the best path based on 
parameters that have a higher priority than AS-path (weight, local 
preference, and locally originated). Make sure you understand the BGP 
decision process. 
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—— Es 


3-3: bgp bestpath med confed 
Syntax Description: 
This command has no arguments. 


Purpose: If multiple BGP routes to the same destination exist, BGP selects the best path 
based on the route attributes in the following order: 


1 Ignore a route if the next hop is not known. 
Ignore IBGP routes that are not synchronized. 
Prefer the route with the largest weight. 

Prefer the route with the largest local preference. 


Prefer the route that was locally originated. 


o ao F&F &O N 


Prefer the route with the shortest AS path. 


If you're using bgp bestpath as-path ignore, skip this step. When you use the as-set 
option for aggregated routes, as_set counts as | regardless of the number of AS entries 
in the set. Confederation sub-AS numbers are not used to determine the AS-path length. 


7 Prefer the route with the lowest origin (IGP < EGP < Incomplete). 


8 Prefer the route with the lowest MED. This comparison is only between routes 
advertised by the same external AS. 


If you're using bgp always-compare-med, compare MEDs for all paths. If used, this 
command needs to be configured on every BGP router in the AS. 


NOTE If you're using bgp bestpath med-confed, the MEDs are compared only for routes that 
have an AS confederation sequence in their AS-path attribute, 


If a prefix is received with no MED value, the prefix is assigned a MED value of 0. If 
you're using bgp bestpath med missing-as-worst, a prefix with a missing MED 
value is assigned a MED value of 4,294,967,294. 


9 Prefer EBGP routes to IBGP routes. 
10 Prefer the route with the nearest IGP neighbor. 
11 Prefer the oldest route. 
12 Prefer the path received from the router with the lowest router ID. 
This command allows the comparison of MEDs from BGP routers in a confederation. 


Cisco IOS Software Release: | 2.0 
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Configuration Example: BGP MED Comparison in a Confederation 
In Figure 3-3, Router B is learning about network 150.150.150.0/24 from Routers A and D, 


Figure 3-3. Using MEDs with a BGP Confederation 


150.150.150.0/24 


Sub AS 65530 


Sub AS 65531 Sub AS 65532 


Router A 

interface ethernet® 

ip address 150.150.150.1 255.255.255.0 
! 
interface Serial@ . 


ip address 193.16.0.2 255.255.255.252 
! 


router bgp 65530 
bgp confederation identifier 1 
bgp confederation peers 65531 
network 150.150.150.0 mask 255.255.255.0 
neighbor 193.16.@.1 remote-as 65531 

! 

Houter 6 

interface Ethernet1/0 
ip address 172.16.0.1 255.255.255.252 

| 

interface Ethernet1/2 
ip address 172.16.0.17 255.255.255.252 | 

! 

interface Serial2/0 
ip address 193.16.0.1 255.255.255.252 
clockrate 64000 

! it 
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(Continued) 


router bgp 65531 a ater ’ 


bgp confederation identifier 1 

bgp confederation peers 65530 65532 
neighbor 172.16.0.2 remote-as 65531 
neighbor 172.16.0.18 remote-as 65532 
neighbor 193.16.6.2 remote-as 65530 


interface Ethernet1/@ 

ip address 172.16.0.14 255.255.255.252 
! 

interface Ethernet1/2 

ip address 172.16.0.18 255.255.255.252 
! 

interface Ethernet1/3 

ip address 150.150.15@.2 255.255.255.0 
! 

interface Serial2/0 

ip address 193.16.0.9 255.255.255.252 
clockrate 64000 

! 

router bgp 65532 

bgp confederation identifier 1 

bgp confederation peers 65531 

network 150.150.150.0 mask 255.255.255.0 
neighbor 172.16.0.13 remote-as 65532 
neighbor 172.16.0.17 remote-as 65531 


Router B is receiving an advertisement for network 150.150.150,0/24 from Routers A 
and D: 


rtrBeshow ip bgp 

BGP table version is 6, local router ID is 172.16.88.4 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete ) 


Network Next Hop Metric LocPrf Weight Path \o” 
*> 150.150.150.0/24 172,16.0.18 0 100 @ (65532) i 
* 193.16.0.2 r) 100 @ (65530) i 


The best-path algorithm has selected the route from Router D as the best. In order to 
demonstrate the comparison of MED values in a confederation, set the MED for routes 
from Router D to 20: 

Router D 


router bgp 65532 
neighbor 172.16.0.17 route-map setmed out 


H 
route-map setmed permit 10 
set metric 20 
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; 
At this point, the MED values are not used in the best-path determination. Verify that the 
new MED yalue has been configured, 4 


rtreeshow ip bgp 
BGP table version is 6, local router ID is 172,16.88.4 
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 


Origin codes: i - IGP, @ - EGP, ? - incomplete 


\* Network Next Hop Metric LocPrf Weight Path 
@ (65530) i = 
a 
Now modify the BGP configuration on Router B so that the MEDs from the confederatie 
will be compared when determining the best path: 
Router 8 
router bgp 2 
Verification 


ya 7 


Troubleshooting 


Verify that the best-path algorithm has selected the route from Router A as the best due 
a lower MED value: 


rtrB#show ip bgp 
BGP table version is 6, local router ID is 172.16.88.4 q 
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 


Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
* 150.150.150.0/24 172.16.0.18 20 100 @ (65532) i 


Step 1 Verify that the BGP neighbors are in the Established state using the show 
ip bgp neighbors command. 


If the neighbor relationship is not in the Established state, see section 8-23. 


Step 2 


: bgp bestpath med missing-as-worst 
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Syntax Description: 
This command has no arguments. 


Purpose: If multiple BGP routes to the same destination exist, BGP selects the best path 
based on the route attributes in the following order: 


oo a fF 6 DN = 


Ignore a route if the next hop is not known. 

Ignore IBGP routes that are not synchronized. 

Prefer the route with the largest weight. 

Prefer the route with the largest local preference. 

Prefer the route that was locally originated. 

Prefer the route with the shortest AS path. 

If using bgp bestpath as-path ignore, skip this step. When using the as-set option 


for aggregated routes, as_set counts as 1 regardless of the number of AS entries in the 
set. Confederation sub-AS numbers are not used to determine the AS-path length. 


Prefer the route with the lowest origin (IGP < EGP < Incomplete). 


Prefer the route with the lowest MED. This comparison is only between routes 
advertised by the same external AS. 

If you're using bgp always-compare-med, compare MEDs for all paths. If used, this 
command needs to be configured on every BGP router in the AS. 


If you're using bgp bestpath med-confed, the MEDs are compared only for routes 
that have an AS confederation sequence in their AS-path attribute. 


Prefer EBGP routes to IBGP routes. 


Prefer the route with the nearest IGP neighbor. 
Prefer the oldest route. 
Prefer the path received from the router with the lowest router ID. 


si this command causes the router to consider prefixes with a missing MED to 


have a MED of infinity. 
Cisco IOS Software Release: 12.0 
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Configuration Example: Comparing MEDs from Different 
Autonomous Systems 


In Figure 3-4, Router B is learning about network 150,150.150,0/24 from Routers A and: 
Router C is using a MED of 20, and Router A is not setting the MED value. By defat It 
BGP sets the missing MED value to 0. Because Routers A and C are in different 
autonomous systems, the MED values for 150.150.150.0/24 are not compared. For this 
example, we will force Router B to compare the MED values using the command bg 7 
always-compare-med. . 


Figure 3-4 By Default, BGP Sets a Missing MED Value to 0 


i" 150.150.150.0/24 Missing MED 150.150,150.0/24 MED = 20 
ye ( 


Router A 

router bgp 1 

network 150.150.15@.@ mask 255.255.255.090 
neighbor 172.17.1.1 remote-as 2 

I 


ip route 150.150.150.@ 255.255.255.080 serial® 
Router 6 
router bgp 2 


neighbor 172.17.1.2 remote-as 1 
neighbor 10.1.1.2 remote-as 3 
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(Continued) 
Router C 
router bgp 3 
neighbor 10.1.1.1 route-map setmed out 
network 150.150.158.@ mask 255.255.255.0 
neighbor 10.1.1.1 remote-as 2 

neighbor 10.1.1.1 route-map setmed out 

H 

ip route 150.150.150.0 255.255.255.@ seriali 
! 

route-map setmed permit 10 

set metric 20 


Router B is receiving an advertisement for network 150.150.150.0/24 from Routers A and C: 


rtrBéshow ip bgp 

BGP table version is 3, local router ID is 172.16.2.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
*> 150.150.150.0/24 172,17.1.2 @ O:1) Z 


% 10.1.1.2 20 @3I 


The best-path algorithm has selected the route from Router A as the best because we are 
comparing MEDs. Router A does not send a MED value for network 150.150.150.0/24. By 
default, BGP sets the MED value for prefixes from Router A to 0. 


Now modify the BGP configuration on Router B so that the missing MEDs are treated 
as infinity: 
Router B 


router bgp 2 
bgp bestpath med missing-as-worst 


ification 
Verify that the best-path algorithm has selected the route from Router C as the best due to 
a lower MED value: 


rtrBéshow ip bgp 
BGP table version is 3, local router ID is 172.16.2.1 
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete if 194, 967.2 
, 


Network Next Hop Metric Lopert Weight Path 
* 450.150.150.0/24 172.17.1.2 0 01: 


be 10.1.1.2 20 @3i 
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Troubleshooting 


Step 1 Verify that the BGP neighbors are in the Established state using the show 
ip bgp neighbors command. 


If the neighbor relationship is not in the Established state, see section 
8-23. 


Step 2 If the command bgp bestpath missing-as-worst does not produce the 
desired result, check the other path attributes, such as weight and local 
preference. The other attributes might be selecting the best path before 
MED values are compared. 


3-5: bgp client-to-client reflection 
Syntax Description: 
This command has no arguments. 


Purpose: When a router is configured as a route reflector, client-to-client reflection is 
enabled by default. If the route reflector’s clients are fully meshed, client-to-client reflectio 
can be disabled on the route reflector using the no form of the command. 


Cisco LOS Software Release: | 1.1 


Configuration Example: Route Reflectors and Peer Groups 


An obvious question is why use a route reflector if the clients have a full IBGP mesh? If 
client-to-client reflection is enabled, the clients cannot be part of a peer group. Figure 3- 
demonstrates a situation in which we want to scale the IBGP connections using route — 
reflectors, but we also want Routers A, B, and C to be part of the same peer group. 
Therefore, client-to-client reflection needs to be disabled on Router B. The total numb 
IBGP connections is still reduced, even though the clients are fully meshed. Routers 

D need to be configured as route reflectors. If B and D were not route reflectors, a full mi 
would be required between all five routers. A route reflector is set up by configuring Route 
A and C as route reflector clients on Router B. But because the clients are fully meshec 

route reflection can be disabled on Router B. 


Route Reflectors and Peer Groups 


Router A 
interface Serial® 

ip address 193.16.0.2 255.255.255.252t 
! 
interface FastEthernet® 

ip address 150.150.158.1 255.255.255.0 
! 

router eigrp 1 

network 10.0.0.@ 

network 193.16.0.@ 

no auto-summary 

! 
router bgp 1 

neighbor 172.16.0.2 remote-as 1 

Router B 
interface Ethernet1/® 

ip address 172.16.0.1 255.255.255.252 
! 
interface Ethernet1/2 

ip address 172.16.0.17 255.255.255.252 
! 
interface Serial2/@ 

ip address 193.16.0.1 255.255.255.252 
clockrate 64000 

| 
router eigrp 1 

network 172.16.0.0 

network 193.16.0.8 

no auto-summary 

i 
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continues 
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ad ah! 


(Continued) 

router bgp 1 

no bgp client-to-client reflection 
neighbor group1 peer-group 
neighbor groupi remote-as 1 


neighbor 172.16.0.2 peer-group group! 
neighbor 193.16.0.2 peer-group group! 
Router 
interface Ethernet1/@ 

ip address 172.16.0.2 255.255.255.252 
! 

router eigrp 1 

network 172.16.0.0 

no auto-summary 

1 

router bgp 1 

neighbor 172.16.0.1 remote-as 1 
neighbor 193.16.0.2 remote-as 1 
Router D 
interface Ethernet1/@ 

ip address 172.16.0.14 255.255.255.252 
! 

interface Ethernet1/2 

ip address 172.16.0.18 255.255.255.252 
i] 

router eigrp 1 

network 172.16.0.06 

network 193.16.0.0 

no auto-summary 

! 

router bgp 1 

neighbor 172.16.0.13 remote-as 1 


neighbor 172.16.0.17 remote-as 1 


interface Ethernet2/1 

ip address 172.16.0.13 255.255.255.252 
| 

router eigrp 1 

network 172.16.0.0 


no auto-summary 
1 


router bgp 1 
neighbor 172.16.0.14 remote-as 1 


Verification 


Verify that the neighbors have been configured in the proper peer group and that the rou 
reflector is enabled: 
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rtrB#show ip bgp n 
BGP neighbor is 172.16.0@.2, remote AS 1, internal link 

Member of peer-group group for session parameters 

BGP version 4, remote router ID 172.16.88.3 

BGP state = Established, up for 00:11:33 
Last read 00:00:34, hold time is 180, keepalive interval is 60 seconds 
Neighbor capabilities: 

Route refresh: advertised and received 

Address family IPv4 Unicast: advertised and received 
Received 115 messages, ® notifications, ® in queue 
Sent 110 messages, @ notifications, @ in queue 
Route refresh request: received 0, sent 0 
Minimum time between advertisement runs is 5 seconds 


For address family: IPv4 Unicast 
BGP table version 4, neighbor version 4 
Index 1, Offset @, Mask @x2 


BGP neighbor is 193.16.0.2, remote AS 1, internal link 
Member of peer-group group! for session parameters 
BGP version 4, remote router ID 193,16.0.2 
BGP state = Established, up for 00:12:07 
Last read 00:00:08, hold time is 180, keepalive interval is 60 seconds 
Neighbor capabilities: 
Route refresh: advertised 
Address family IPv4 Unicast: advertised and received 
Received 108 messages, 0 notifications, ® in queue 
Sent 108 messages, ® notifications, ® in queue 
Route refresh request: received @, sent 0 
Minimum time between advertisement runs is 5 seconds 


For address family: IPv4 Unicast 
BGP table version 4, neighbor version 4 
Index 1, Offset @, Mask @x2 


®@ accepted prefixes consume @ bytes 
Prefix advertised @, suppressed 0, withdrawn 0 


leshooting 
Step 1 Verify that the BGP neighbors are in the Established state using the show 
ip bgp neighbors command. 


If the neighbor relationship is not in the Established state, see section 
8-23. For IBGP and loopbacks, see section 8-33. 
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Step 2 Verify that the IBGP neighbors have been configured as route reflector 


clients and that they are in the proper peer group using the show ip bgp 
neighbors command. 


Step 3 Verify that BGP client-to-client reflection has been disabled. 


3-6: bgp cluster-id 32-bit_id 


Syntax Description: 


32-bit_id—Route reflector cluster ID entered as either a 32-bit number or an IP address, 


Purpose: 


a 


AS-path method of loop detection does not work when you're using route reflectors, a 
the reflector and the clients are in the same AS. A route reflector generates an originator 
assigned from the router ID. W u'r 


< ports re + 
a . ~~ t : i 
l~ . - . 


= 4 
xs oe : 


e cluster [Ds contained in the ¢ 


are used for loop detection within the local AS when route reflectors are being used, ; 


Cisco IOS Software Release: | |.0 


Configuration Example: Redundant Route Reflectors 


Figure 3-6 shows a cluster consisting of two clients and two route reflectors. Two oute 
reflectors are configured for redundancy and therefore must have the same cluster ID. 


Figure 3-6 Redundant Route Reflectors i 


172.16.88.0/27 


3-6: bgp cluster-id 32-bit_id 


Router A 
interface Loopback® 
ip address 172.16.88.3 255.255.255.224 
i 
interface Ethernet1/® 
ip address 172.16.0.2 255.255.255.252 
! 
interface Ethernet1/1 
ip address 172.16.0.9 255.255.255.252 
! 
router eigrp 1 
network 172.16.0.0 
no auto-summary 
! 
router bgp 1 
network 172.16.88.@ mask 255.255.255.224 
neighbor 172.16.0.1 remote-as 1 
neighbor 172.16.0.10 remote-as 1 
Router 8 
interface Ethernet1/@ 
ip address 172.16.@.1 255.255.255.252 
! 
interface Ethernet1/1 
ip address 172.16.0.5 255.255.255.252 
! 
interface Ethernet1/2 
ip address 172.16.0.17 255.255.255.252 
i 
router eigrp 1 
network 172.16.0.9 
network 193.16.0.0 
no auto-summary 


eighb 172.16.0.2 remote-as 1 
neighbor 172.16.0.2 route-reflector-client 
neighbor 172.16.0.6 remote-as 1 

neighbor 172.16.0.6 route-reflector-client 
neighbor 172.16.0.18 remote-as 1 
Router 
interface Ethernet1/0 
ip address 172.16.0.14 255.255.255.252 
! 
interface Ethernet1/1 

ip address 172.16.0.10 255.255.255.252 
' 
interface Ethernet1/2 


ip address 172.16.0.18 255.255.255.252 
! 


continues 
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(Continued) 

router eigrp 1 

network 10.0.6. 

network 172.16.8.0 

network 193.16.0.0 

no auto-summary 

! 

router bgp 1 

bgp cluster-id 1 

neighbor 172.16.0.9 remote-as 1 
neighbor 172.16.0.9 route-reflector-client : 
neighbor 172.16.6.13 remote-as 1 

neighbor 172.16.0.13 route-reflector-client 
neighbor 172.16.0.17 remote-as 1 
Router D 
interface Ethernet2/0 

ip address 172.16.0.6 255.255.255.252 
! 

interface Ethernet2/1 

ip address 172.16.0.13 255.255.255,252 
! 

router eigrp 1 

network 172.16.0.90 

no auto-summary 

i 

router bgp 1 

neighbor 172.16.0.5 remote-as 1 
neighbor 172.16.0.14 remote-as 1 


Verification 
Verify that Routers A and D are clients of Routers B and C: 


rtrB#show ip bgp neighbor 172.16.8.2 
BGP neighbor is 172.16.0.2, remote AS 1, internal link 
BGP version 4, remote router ID 172.16.88.3 
BGP state = Established, up for 00:28:35 
Last read 00:00:36, hold time is 180, keepalive interval is 60 seconds 
Neighbor capabilities: 
Route refresh: advertised and received 
Address family IPv4 Unicast: advertised and received 
Received 32 messages, @ notifications, ® in queue 
Sent 31 messages, @ notifications, ® in queue 
Route refresh request: received @, sent 0 
Minimum time between advertisement runs is 5 seconds 


For address family: IPv4 Unicast 
BGP table version 2, neighbor version 2 
Index 3, Offset @, Mask ®x8 


1 accepted prefixes consume 36 bytes 
Prefix advertised 0, suppressed @, withdrawn 0 
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(Continued) 
rtrB4show ip bgp neighbor 172.16.0.6 
BGP neighbor is 172.16.0.6, remote AS 1, internal link 
BGP version 4, remote router ID 172.16.2.1 
BGP state = Established, up for 00:32:22 
Last read 00:00:23, hold time is 18@, keepalive interval is 60 seconds 
Neighbor capabilities: 
Route refresh: advertised and received 
Address family IPv4 Unicast: advertised and received 
Received 35 messages, ® notifications, @ in queue 
Sent 36 messages, ® notifications, ® in queue 
Route refresh request: received ®, sent 0 
Minimum time between advertisement runs is 5 seconds 


For address family: IPv4 Unicast 
BGP table version 2, neighbor version 2 
Index 1, Offset @, Mask @x2 


@ accepted prefixes consume @ bytes 
Prefix advertised 1, suppressed ®, withdrawn 0 
Verify that the cluster ID has been configured: 
rtrO#show ip bgp 172.16.88.0 


BGP routing table -16,88.0/27, version 3 
Paths: able Default-IP-Routing-Table) 
Not a to any peer 


Local 
172.16.0.2 (metric 307200) from 172.16.0.5 (172.16.88.3) 


Origin IGP, metric ®, localpref 100, valid, internal, synchronized, best 


Local 
172.16.0.9 (metric 307200) from 172.16.0.14 (172.16.88.3) 
Origin IGP, metric @, localpref 100, valid, internal, synchronized 


hooting 
Step 1 Verify that the BGP neighbors are in the Established state using the show 
ip bgp neighbors command. 


If the neighbor relationship is not in the Established state, see section 8-23. 
For IBGP and loopbacks, see section 8-33. 


Step 2 Verify that the route reflector clients have been configured using the 
show ip bgp neighbors command. 


Step 3 Verify that the same cluster ID has been configured on each route 
reflector in the cluster. 
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3-7: bgp confederation identifier AS-number 


3-8: bgp confederation peers 7_or_more_AS-numbers 
Syntax Description: 
® AS-number—AS number used with EBGP neighbors, 


° J_or_more_AS-numbers—AS number(s) of directly connected peers that are ina 
different sub-AS. Bi 


Purpose: IBGP neighbors do not propagate routing information learned from one IBG 
neighbor to another IBGP neighbor. If you are running IBGP, every IBGP speaker 
have a connection to every other IBGP speaker in the AS. This becomes a scaling 
as the number of IBGP speakers increases. The number of IBGP connections for n speai 
is [n(n—1)]/2. Table 3-1 lists the number of connections needed for two to ten IBGP 
speakers. 


Table 3-1 IBGP Connections Needed for a Full Mesh 


Number of IBGP Speakers Number of Connections 
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ithin a confederation sub-AS, a full 1B 
mesh is required. BGP connections between confederations behave like EBGP peers, 8 
they exchange routing information as if they were using IBGP. This means that the BC 
attributes next hop, metric, and local preference are preserved. 
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nfiguration Example: BGP Confederation 


Autonomous system | in Figure 3-7 contains five BGP routers. For an IBGP full mesh, we 
would need ten IBGP connections. In order to reduce the number of BGP connections 
within the AS, a BGP confederation is used. AS | is divided into three subautonomous 
systems using AS numbers from the private AS range 64512 to 65535. 


yre 3-7 BGP Confederation 


Router A 
interface Serial@ 
ip address 193.16.0.2 255.255.255.252 
! 


router bgp 65530 


neighbor 193.16.0.1 remote-as 65531 
Router B 
interface Ethernet1/0 

ip address 172.16.0.1 255.255.255.252 
$ 

interface Ethernet1/2 

ip address 172.16.0.17 255.255.255.252 
! 
interface Serial2/0 

ip address 193.16.0.1 255.255.255.252 


Clockrate 64000 
! 


continues 
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(Continued) 
router bgp 65531 


neighbor 172.16.0.2 remote-as 65531 
neighbor 172.16.@.18 remote-as 65532 
neighbor 193.16.0.2 remote-as 65530 
Router 
interface Ethernet1/6 

ip address 172.16.0.2 255.255.255.252 
! 

router bgp 65531 


neighbor 172.16.0.1 remote-as 65531 

Router D 
interface Ethernet1/® 

ip address 172.16.0.14 255.255.255.252 
! 

interface Ethernet1/2 

ip address 172.16.0.18 255.255.255.252 
! 

interface Serial2/® 

ip address 193.16.0.9 255.255.255.252 
clockrate 64000 
! 
router bgp 65532 


neighbor 172.16.@.13 remote-as 65532 
neighbor 172.16.0.17 remote-as 65531 
neighbor 193.16.0.1@ remote-as 2 
Router 
interface Ethernet2/1 

ip address 172.16.0.13 255.255.255.252 
1 

router bgp 65532 


Router F ~~ 
interface Serial®@ 
ip address 193.16.0.18 255.255.255.252 
t 

router bgp 2 

neighbor 193.16.0.9 remote-as 1 


The configuration of a BGP confederation is relatively straightforward, The B GP F 
number used for each router in the confederation is the AS number used to id ent 
sub-AS: 


router bgp 65538, 65531, or 65532 
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Every router in the confederation is configured with the AS number that you want to use 
with EBGP peers _ in this case, AS |: 


bgp confederation identifier 1 


Finally, if a router has BGP connections to routers in a different sub-AS, you must use the 
bgp confederation peers command: 


Router A 

router bgp 65530 

bgp confederation peers 65531 
Router & 

router bgp 65531 


bgp confederation peers 65530 65532 


router bgp 65532 
bgp confederation peers 65531 


Routes advertised by BGP within the confederation carry the AS number of each sub-AS 
that the route advertisement has passed through. For example, create a loopback interface 
on Router A, and advertise this prefix in BGP: 


Router A 

interface loopback @ 

ip address 150.150.150.1 255.255.255.0 

! 

router bgp 65530 

network 150.150.150.0 mask 255.255.255.0 


Now trace the route through the confederation to Router F: 


rtrA#show ip bgp 

BGP table version is 33, local router ID is 193.16.0.2 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
*> 150.150.150.0/24 0.0.0.0 e 32768 I 


g 
BGP table version is 6, local router ID is 172.16.88.4 
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
*> 150.15@.150.0/24 193.16.0.2 20 100 ® (65530) I 


Pp 
BGP table version is 10, local router ID is 172.16.88.1 
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
"> 150.150.150.0/24 193.16.0.2 20 100 @ (65531 65530) I 


continues 
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Verification 


(Continued) 

rtrF#show ip bgp 

BGP table version is 23, local router ID is 193.16.0.10 
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete , 


Network Next Hop Metric LocPrf Weight Path 
*> 150.150.150.0/24 193.16.0.9 @1i 


Within the confederation, each sub-AS that the route has traversed is contained in the 
AS-path attribute. Outside the confederation, the AS-path attribute contains only the A 
number of the confederation identifier. j 


Examine the neighbor relationship between BGP routers in a different sub-AS. For th 
case, we will examine the relationship between Routers A and B: 


rtrA#show ip bgp neighbors 


Index 1, Offset @, Mask @x2 
BGP version 4, remote router ID 172.16.88.4 


BGP state = Established, table version = 30, up for 00:58:23 
Last read 00 


BGP state = Established, up for 01:05:34 
Last read 00:00:34, hold time is 180, keepalive interval is 60 seconds 


The BGP neighbor relationship between Routers A and B is external because they 
different sub-AS. The neighbors are under a common administration because they 
confederation peers. The BGP relationship between neighbors in the same sub-AS: 
normal IBGP relationship, as shown by the output for Routers B and C: 


rtrBéshow ip bgp neighbors 172.16.0.2 


BGP version 4, remote router ID 172.16,88.3 
BGP state = Established, up for 01:09:25 
Last read @0:00:25, hold time is 180, keepalive interval is 60 seconds _ 


Mrtrthehow ip Bop neighbors 


BGP version 4, remote router ID 172.16.88.4 
BGP state = Established, up for 01:10:50 
Last read 00:00:50, hold time is 180, keepalive interval is 60 seconds = 
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Finally, examine the relationship between Routers D and F: 
etrD#show ip bgp neighbors 193.16.0.18 


BGP version 4, remote router ID 193.16.0.18 
BGP state = Established, up for 1d@2h 
Last read 00:00:15, hold time is 180, keepalive interval is 60 seconds 


ban 


Index 1, Offset ©, Mask @x2 
BGP version 4, remote router ID 172.16.88.1 

BGP state = Established, table version = 21, up for 1d02h 

Last read 00:00:09, hold time is 180, keepalive interval is 62 seconds 


Router F sees router D as belonging to AS 1, the confederation identifier. The sub-AS 
numbers are hidden from true external peers. 


jubleshooting 


Step 1 Verify that the BGP neighbors are in the Established state using the show 
ip bgp neighbors command. 


If the neighbor relationship is not in the Established state, see section 8-23. 
For IBGP and loopbacks, see section 8-33. 


Step 2 Verify the syntax of the confederation commands, Each router in the 
confederation should use the command bgp confederation identifier as- 
number. BGP connections between subautonomous systems should use 
the command bgp confederation peers /_or_more_AS-numbers. 


‘9: bgp dampening 
10: bgp dampening half-life 


11: bgp dampening half-life reuse suppress max- 
4PPress-time 
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3-12: bgp dampening route-map route-map-name 
Syntax Description: 


® half-life—Time for the penalty to decrease to one-half of its current value. The ta 
of values is 1 to 45 minutes. The default is 15 minutes. 4 


© reuse—When the penalty for a suppressed route decays below the reuse value, the re 
becomes unsuppressed. The range of values is | to 20,000. The default value is 5( 


© suppress—When the penalty for a route exceeds the suppress value, the route ig 
suppressed. The range of values is 1 to 20,000. The default value is 2000. 


© ~max-suppress-time—Maximum time that a dampened route is suppressed. The} 
of values is 1 to 255 minutes. The default value is four times the half-life value 


© route-map-name—Name of the route map used to select prefixes and dampenin ne 
parameters. 


Purpose: :/A route flap occurs when a prefix transitions from the up to the down state. | vt 
the prefix goes from up to down, BGP must send a WITHDRAWN message. When 
prefix goes from down to up, BGP sends an UPDATE message. If the prefix is cons 
flapping, this can cause high CPU utilization while the BGP routes are conversiiaal 
Additionally, if you are redistributing BGP into your IGP, the flapping route can cause 
instability in the IGP. Dampening is a method to control the effect of a flapping route. 
The mechanics of route dampening are illustrated in Figure 3-8 


Figure 3-8 BGP Dampening Parameters and Operation 
Penalty 
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Route suppressed 
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Assume that BGP route dampening has been applied to a particular route. At time tl in 
Figure 3-8, a route flap occurs. Remember that a route flap is when a prefix goes from the 
up to the down state. When a route flaps, a penalty of 1000 is applied to the route. This is a 
fixed parameter that cannot be changed. At time t1, the flapping route incurs a penalty of 

1000. Because the penalty is less than the suppress limit, which has been configured to be 
1500, the flapping route is not dampened. Because the route has not been dampened, BGP 


sends a WITHDRAWN message when the route goes from up to down an 
UPDATE message when the route goes fr oO up. 

BGP must maintain a history of flapp outes. The penalty associated with the 
r s - od ~ = 4 2 = i 5 + 5 Ve 2 


is a function of the half-life. 


the ha xray is 15 instos, the penalty doiises to 5 500 i in 7.5 minutes, At time 12, the 
penalty decreases to 600, and another route flap occurs. The route is again penalized, with 
an et value of 1000 added to the current value of the poet The total penalty 


The fonts prefix remains in the WITHDRAWN state. The route in the 
WITHDRAWN state until its penalty decreases below the reuse limit. When the penalty 
decreases below the reuse limit, BGP sends an UPDATE message for the route. Routes 
learned via IBGP are not dampened. 


Cisco [OS Software Release: | 1.0 


Onfiguration Example 1: Default Dampening 


Figure 3-9 shows the configuration and monitoring of route dampening, Routers A and B 
are configured as EBGP neighbors. Router A is advertising network 172.16.2.0/24 to 
Router B via EBGP. This prefix is a loopback interface that we will cause to flap by 
administratively shutting down and reenabling the interface. 


3-9 BGP Dampening Parameters and Operation 


Flapping route 
172.16.2.0/24 


78 Chapter 3: BGP-Specific Commands 


Router A 
interface loopback @ 
ip address 172.16.2.1 255.255.255.0 
{ 
router bgp 1 
neighbor 10.1.1.2 remote-as 2 
network 172.16.2.@0 mask 255,255.255.0 


Router & ; 
router bgp 2 


neighbor 10.1.1.1 remote-as 1 4 


BGP dampening has been configured using the general form of the bgp dampenin 
command. This applies route dampening to every BGP route with the following de 


© = half-life—15 minutes 
© reuse—750 
© = suppress-limit—2000 
© = half-life—15 minutes 
© max-suppress-time—4 * half-life = 60 minutes 
Router B should have an entry for prefix 172.16.2.0/24 in its BGP table: 


Router Béshow ip bgp 
BGP table version is 2, local router ID is 5,5,5.5 
Status codes: s suppressed, d damped, h history, * valid, > best, i - interns 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
*> 172.16.2.0/24 10.1.1.1 Q @O1i 


Shut down network 172.16.2.0 on Router A by shutting down the loopback 0 inter 
Examine the BGP table on Router B: 


2511#show ip bgp 
BGP table version is 3, local router ID is 5.5.5.5 _ 
Status codes: s suppressed, d damped, h history, * valid, > best, i - inte a. 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
h 172.16.2.0/24 10.1.1.1 @1i 


3-12: bgp dampening route-map route-map-name 


rtrB#show ip bgp 
BGP routing table entry for 172.16.2.0/24, version 3 
Paths: (1 available, no best path) 
Not advertised to any peer 
1 (history entry) 
10.1,1.1 from 10.1,1.1 (172.16,88.2) 
Origin IGP, metric 0, localpref 100, external, ref 2 


Reenable the loopback interface on Router A, and then reinspect the parameters for prefix 
172.16.2.0/24 on Router B: 


rtrB#show ip bgp 

BGP table version is 4, local router ID is 10.1.1.2 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
*> 172.16.2.0/24 10.71.14.1 4) @1T1 


rtrB#show ip bgp 172.16.2.0/24 
BGP routing table entry for 172.16.2.0/24, version 4 
Paths: (1 available, best #1) 
Not advertised to any peer 
{ 
10.1.1.1 from 10.1.1.1 (172.16.88,2) 
Origin IGP, metric @, localpref 100, valid, external, best, ref 2 


The route is now being advertised, and BGP is maintaining a history of the route. Neves: 
ow shut down the loopback interface on Router 
and check the route’s parameters on Router B: 


rtrB#show ip bgp 

BGP table version is 5, local router ID is 10.1.1.2 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
Hh 172.16.2.0/24 10.1.1.1 ) @tk 


rtrB#show ip bgp 172.16.2.0/24 
BGP routing table entry for 172.16.2.0/24, version 5 
Paths: (1 available, no best path) 
Not advertised to any peer 
1 (history entry) 
10.1.1.4 from 10.1.1.1 (172.16.88.2) 
Origin IGP, metric 0, localpref 100, external, ref 2 
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° 
{ 


ress. f 2000, when the route comes up, it is 
k interface on Router A: 


advertised. Reenable the loopbac 


rtrBs show ip bgp 
BGP table version is 6, local router ID is 10.1.1.2 
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
*> 172.16.2.0/24 10.1.1.1 ® O1T 


rtrBéshow ip bgp 172.16.2.0/24 
BGP routing table entry for 172.16.2.0/24, version 6 
Paths: (1 available, best #1) 
Not advertised to any peer 
1 

10.1.1.1 from 10.1.1.1 (172.16.88.2) 


Origin IGP, metric @, localpref 100, valid, external, best, ref 2 


. Ura ee eS ssh eer rey ar 


rtrBéshow ip bgp 
BGP table version is 7, local router ID is 10.1.1.2 

Status codes: s suppressed, d damped, h history, * valid, > best, i - inter 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network ht Pa 


Next Hop ocPrf Weig 


rtrBéshow ip bgp 172.16.2.0/24 
BGP routing table entry for 172.16.2.0/24, version 7 
Paths: (1 available, no best path) 

Not advertised to any peer 

1, (suppressed due to dampening) 

10.1.4.1 from 10.1.1.1 (172.16.88.2) 

Origin IGP, metric @, localpref 100, valid, external, ref 2 
Dampinfo: penalty 2275, flapped 3 times in 00:12:12, reuse in 00:24:00 _ 


The penalty for this prefix has exceeded the suppress limit, anc we can see 
BGP table on Router B that the route is dampened. The specific BGP informatic 
dampened route shows that the route will be reused in 24 minutes, assuming that 
flap again. Because the route is now dampened, WITHDRAWN and UPDATE m 
will not be sent if the route flaps. If we are patient and wait 24 minutes, we will see 
restore the route, and it will be installed in the IP routing table. Dampened paths ¢2 n 
viewed using the show ip bgp dampened-paths command: 
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rtrB#show ip bgp dampened-paths 
BGP table version is 7, local router ID is 10.1.1.2 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network From Reuse Path 
*d 172.16.2.0/24 10.1.1.1 00:19:30 1 i 


ecan verify that the route is being reused by examining the 


BGP and IP routing tables: 
rtrBéshow ip bgp 
BGP table version is 8, local router ID is 10.1.1.2 


Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
"> 172.16.2.0/24 48:,,1).1-.4 ® Q1i 


rtrBéshow ip route 
Codes: C - connected, S - static, I - IGRP, A - RIP, M - mobile, B - BGP 
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP 
i - IS-IS, Li - IS-IS level-1, L2 - IS-IS level-2, * - candidate default 
U - per-user static route, o - ODR 


Gateway of last resort is not set 


172.16.0.0/24 is subnetted, 1 subnets 


10.0.0.0/30 is subnetted, 1 subnets 
10.1.1,@ is directly connected, Seriald 


figuration Example 2: Configuring Dampening Parameters 
The first example used the BGP dampening defaults. Two forms of the dampening 
command are available to customize the dampening parameters. The first form allows you 
to configure the half-life while using the defaults for suppress limit, reuse, and maximum 
suppress time: 


750), and maximum a suppress time (4 times the half-life). Th 
form allows you to customize all the dampening parameters except the penalty. The perlalty 
has a fixed value of 1000; 
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When you use the preceding form of this command, the maximum suppress time can 
less than the half-life. 


Configuration Example 3: Configuring Dampening Parameters 
Using a Route Map 
The previous forms of the dampening command apply to every EBGP learned re 
route map allows you to apply different dampening parameters to different prefi 
on IP address or AS-path information. In the first example, we will apply damp 
prefixes 172.16.2.0/24 and 192.16.4.0/24 based on the IP address of the route u: 
access lists: 


router bgp 2 
bgp dampening route-map dampen 
neighbor 1@.1.1.1 remote-as 1 
! 

access-list 1 permit 172.1 

access-list 2 permit 192.1 
! 

route-map dampen permit 10 
match ip address 1 
set dampening 15 75@ 2000 60 

route-map dampen permit 20 
match ip address 2 

set dampening 20 800 2200 80 


In the second example, we will apply different parameters to routes originating from 
and AS 3: 


router bgp 2 
bgp dampening route-map dampen 

neighbor 10.1.1.1 remote-as 1 

! 

ip as-path access-list 1 permit ip as-path access-list 1 permit *1$ 
ip as-path access-list 2 permit ip as-path access-list 1 permit *3$ 
t 

route-map dampen permit 10 
match as-path 1 

set dampening 15 750 2000 60 
route-map dampen permit 20 
match as-path 2 
set dampening 20 800 2200 80 


Verification 
When using BGP dampening, you can tell if dampening is working only if a pre! b 
flapping. If route flaps are occurring, dampening can be verified using the commal 
described in the following examples. 
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Use the show ip bgp command to verify that BGP is maintaining a history of flapping 
routes: 


rtrB4show ip bgp 

BGP table version is 5, local router ID is 10.1.1.2 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
h 172.16.2.0/24 10.1.1.1 ® 14 


Use the show ip bgp prefix command to view the dampening parameters for a flapping 
route: 


rtrBéshow ip bgp 172.16.2.0/24 
BGP routing table entry for 172.16.2.0/24, version 5 
Paths: (1 available, no best path) 

Not advertised to any peer 

1 (history entry) 

10.1,.1.1 From 10.1.1.1 (172.16.88.2) 

Origin IGP, metric ®, localpref 100, external, ref 2 
Dampinfo: penalty 1760, flapped 2 times in 00:05:52 


Use the show ip bgp dampened-paths command to view which prefixes are dampened: 


rtrBéshow ip bgp dampened-paths 

BGP table version is 7, local router ID is 10.1.1.2 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network From Reuse Path 
*d 172.16.2.0/24 10.1.1.1 00:19:30 1 i 


Use the show ip bgp flap-statistics command to view statistics for flapping prefixes: 


rtr8#show ip bgp flap-statistics 

BGP table version is 9, local router ID is 1@.1.1.2 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network From Flaps Duration Reuse Path 
*d 172,16.2.0/24 40.1.1.4 3 @@:02:55 00:28:10 1 


hooting 


Step 1 Verify that the BGP neighbors are in the Established state using the show 
ip bgp neighbors command. 


If the neighbor relationship is not in the Established state, see section 8-23. 
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Step 2 If you're using either bgp dampening, bgp dampening half-life, or bgp 
dampening /al/-life reuse suppress max-suppress-time, dampening is 
applied to flapping routes. 

Step 3 If you're using bgp dampening route-map route-map-name, verify the 
syntax of your route map, access list, prefix list, or AS path list. 


3-13: bgp default local-preference /ocal-preference 
Syntax Description: 

* local-preference—Value to use as the default local preference. The range of valu 

0 to 4294967295. 


Purpose: Routes originating on a BGP router that are advertised within the local AS] 
a default local preference of 100. This command allows you to set the local preferet 

locally advertised routes to a value other than the default value of 100. The new value 
the local preference is applicable only within the local autonomous system. | 


Cisco LOS Software Release: 10.0 


Configuration Example: Default Local Preference 


Router B in Figure 3-10 is modifying the default local preference. The value of the I¢ 
preference on Router B affects only routes advertised to Router C, because Routers E 
C are in the same autonomous system. 


Figure 3-10 Modifying Local Preference for Locally Advertised Routes 


Default local preference = 75 
172.17.2.0/24 


172.17.1.1 
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Router A 
interface FastEthernet® 

ip address 172.17.1.2 255.255.255.@ 
i 

router bgp 1 

neighbor 172.17.1.1 remote-as 2 
Router 5. 
interface Loopback 

ip address 172.16.2.1 255.255.255.0 
! 

interface Ethernet0/6 

ip address 172.17.1.1 255.255.255.8 
t 

interface Serial2/0 

ip address 10.1.1.1 255.255.255.252 
clockrate 64800 

! 


network 172.16.2.@ mask 255.255.255. 
neighbor 10.1.1.2 remote-as 2 
neighbor 172.17.1.2 remote-as 1 


interface Loopback® 

ip address 172.16.3.1 255.255.255.0 

! 

interface Serial® 

ip address 10.1.1.2 255.255.255.252 

! 

router bgp 2 

network 172.16.3.@ mask 255.255.255.0 
neighbor 10.1.1.1 remote-as 2 


tion 
Routes advertised by Router B to Router C should have a local preference value of 75: 


rtrC#show ip bgp 172.16.2.0 
BGP routing table entry for 172.16.2.0/24, version @ 
Paths: (1 available, no best path) 
Not advertised to any peer 
Local 
10.1.4.19 from 10.4.1.1 (172.16.2.1) 
Origin IGP, metric @, localpref 75, valid, internal, not synchronized, ref 2 


Routes advertised by Router B to Router A should have a local preference value of 100, the 
default value: 


86 


Troubleshooting 
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rtrA#show ip bgp 172.16.2.0 
BGP routing table entry for 172.16.2.0/24, version 6 
continued 
Paths: (1 available, best #1) 

Not advertised to any peer 
172.17.1.1 from 172.17.1.1 (172.16.2.1) 


Routes learned by Router B from Router C should also have a local preference of 104 


rtrBishow ip bgp 172.16.3.0 
BGP routing table entry for 172.16.3.0/24, version 0 
Paths: (1 available, no best path) 
Not advertised to any peer 
Local 
10.1,1.2 from 10.1.1.2 (10.1.1.2) 


Step 1. Verify that the BGP neighbors are in the Established state using the show 
ip bgp neighbors command. 


If the neighbor relationship is not in the Established state, see section 8-23. 
Step 2 Verify the new local preference settings by checking the routes 


advertised to IBGP peers using the show ip bgp and show ip bgp prefix — 
commands, 


Syntax Description: 
This command has no arguments. 


Purpose: If bgp always-compare-med is enabled, the metric or MED is compare d te 
every path regardless of the neighbor AS. Without bgp deterministic-med or bgp a 
compare-med, the order of the paths can make a difference when selecting the b 
When you're using bgp deterministic-med, the router sorts the paths based on n 
AS and MED so that the paths are sorted the same way every time. This produces @ 
deterministic best-path selection. 


Cisco IOS Software Release: |2.0 
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5: bgp fast-external-fallover 
Syntax Description: 
This command has no arguments. 


Purpose: Fast external fallover is enabled by default. When an interface that is used for a 
BGP connection goes down, the BGP session is immediately terminated. If the interface is 
flapping, instability can be caused, because the neighbors will constantly be transitioning 
between the idle and established states. There will also be a flood of BGP UPDATE and 
WITHDRAWN messages. If you have a flapping interface, use the no form of this 
command. 


Cisco IOS Software Release: 11.0 


nfiguration Example: Demonstration of Fast External Fallover 


This configuration example demonstrates using the bgp fast-external-fallover command. 
In Figure 3-11, the Ethernet interface on Router B is flapping. We will investigate the result 
of using both fast-external-fallover and no fast-external-fallover. 


jure 3-11 A Flapping Interface Can Cause Instability 


Flappi 
172.17.1.1/24 interace | 172.17.1.2/24 


Router A 
router bgp 1 
neighbor 172.17.1.2 remote-as 2 


ROuter 6B 

router bgp 2 
fast-external-fallover 
neighbor 172.17.1.1 remote-as 1 


Verify that Routers A and B have formed a BGP connection: 


rtrBéshow ip bgp neighbors 
BGP neighbor is 172.17.1.1, remote AS 1, external link 
Index 1, Offset @, Mask Ox2 
BGP version 4, remote router ID 172.17.1.1 
BGP state = Established, table version = 58, up for 00:14:02 
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Enable event debugging on Router B using the command debug ip bgp events. In 
configuration mode on Router B, shut down the Ethernet interface and observe the dek 
output: 

idi7h: BGP: 172.17.1.1 reset requested 


1d17h: BGP: 172.17.1.1 reset due to Interface flap 
1di7h: BGP: 172,17.1.1 went from Established to Idle 


Using the default bgp fast-external-fallover, you can see that when the interface 
down, the BGP session is immediately reset, Enable the Ethernet interface on Router B, 
configure the no form of this command on Router B: 


Router 8 
router bgp 2 


neighbor 172.17.1.1 remote-as 1 : 


Verification 


After Routers A and B have established a BGP connection, shut down the Ethernet interfs 
on Router B, and observe the debug output: 


ly ae 


1di7h: %SLINK-5S-CHANGED: Interface Ethernet®, changed state to administratively ¢ 
1d17h: SLINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet®, changed state 
down 


The BGP session did not drop, and the BGP neighbor relationship remained in the 
established state. Of course, if the interface remains down longer than the configure 
hold time, the connection is dropped: 


idi7h: BGP: 172.17.1.1 reset due to Peer timeout 
1di7h: BGP: 172.17.1.1 went from Established to Idle 


exe 


But if the interface goes up before the hold time expires, the session is not terminate¢ 


Troubleshooting 
Step 1 Verify that the BGP neighbors are in the Established state using the show 
ip bgp neighbors command. 


If the neighbor relationship is not in the Established state, see section 8-23. 
For IBGP and loopbacks, see section 8-33. 


Step 2 Verify that the desired form of the bgp fast-external-fallover command 
has been configured. By default, bgp fast-external-fallover is enabled. 
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3: bgp log-neighbor-changes 
Syntax Description: 
This command has no arguments. 


Purpose: To enable the logging of changes in a BGP neighbor’s status. If the UNIX syslog 
facility is enabled, messages can be sent to a UNIX host running the syslog daemon. If you 
are not using the UNIX syslog facility, the status change messages are stored in the router's 
internal buffer. Events that are logged include the following: 


* BGP protocol initialization 

® No memory for path entry 

* No memory for attribute entry 

® No memory for prefix entry 

* No memory for aggregate entry 

* No memory for dampening info 

® No memory for BGP updates 

* BGP notification received 

* Erroneous BGP update received 

* User reset request 

* Peer time-out 

* Password change 

* Error during connection collision 

* Peer closing down the session 

* Peer exceeding maximum prefix limit 
* Interface flap 

* Router ID changed 

* Neighbor deleted 

Member added to peer group 

* Administrative shutdown 

* Remote AS changed 

RR client configuration modification 
Soft reconfiguration modification 
Cisco LOS Software Release: 11.1 CC and 12.0 
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Configuration Example 1: Enabling BGP Neighbor Status Cha; 
Logging to the Console 

To enable the display of BGP neighbor status change events on the console, use the 
following configuration: 4 


router bgp 1 


neighbor 172.17.1.1 remote-as 2  - 


Verification 


When the state of a BGP neighbor changes, the event should be displayed on the eo 
For example, if you execute the command clear ip bgp * on a BGP neighbor. the foll 
output should be displayed: 


rtra 
@1:1@:52: %BGP-5-ADJCHANGE: neighbor 172.17.1.2 Down - Peer closed the sessie 
01:11:22: %BGP-5-ADJCHANGE: neighbor 172.17.1.2 Up 


Configuration Example 2: Enabling BGP Neighbor Status Chang 
Logging to Memory 
To enable the logging of BGP neighbor status change events to memory, use the follo 
configuration: 


! 
router bgp 1 


neighbor 172.17.1.1 remote-as 2 s 


The parameters 4096 and debugging are default values and are supplied by the router 
you use the command logging buffered. The default values vary by platform. 


Verification 
The show logging command displays the status of buffered logging. If logging is em 
the contents of the buffer are displayed: 


rtr#show logging 
Syslog logging: enabled (® messages dropped, © flushes, ® overruns) 
Console logging: level debugging, 48 messages logged 
Monitor logging: level debugging, @ messages logged 


Trap logging: level informational, 51 message lines logged 
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(Continued) 
Log Buffer (4096 bytes): 


01:18:16: %SYS-5-CONFIG_I: Configured from console by console 


@1:18:31: *%BGP-5-ADJCHANGE: neighbor 172.17.1.2 Down - Peer closed the session 
@1:19:00: %BGP-5-ADJCHANGE: neighbor 172.17.1.2 Up 


bleshooting 
Step 1 Verify that the BGP neighbors are in the Established state using the show 
ip bgp neighbors command. 


If the neighbor relationship is not in the Established state, see section 8-23. 
Step 2 Verify that buffered logging is enabled using the show logging command. 


17: bgp router-id jp-address 
Syntax Description: 
® ip-address—IP address to use for the BGP router ID. 


Purpose: To explicitly set the BGP router ID. BGP normally uses the highest IP address 
assigned to an interface as the router ID. If loopback interfaces are used, the BGP router ID 
is the highest address assigned to a loopback interface, regardless of the IP addresses 
assigned to any physical interface. 


Cisco IOS Software Release: 10.0 


Infiguration Example: BGP Router IDs 


The scenario in Figure 3-12 is used to demonstrate the three possibilities for determining a 
BGP router ID, Initially, configure Router B without using loopback interfaces. 


: re 3. 12 Scenario Used to Demonstrate BGP Router IDs 


150.150.1.1/24 
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Router A 
router bgp 1 

neighbor 10.1.1.2 remote-as 2 
Router B 

interface ethernet @ 

ip address 15@.150.1.1 255.255.255.060 
! 

interface serial 0 

ip address 10.1.1.2 

! 

router bgp 2 

neighbor 10.1.1.1 remote-as 1 


There are two physical interfaces on Router B— Ethernet 0 and Serial 0. The BGF 
ID is the highest assigned IP address, 150.150.1.1: t 


rtrBeshow ip bgp summuary . 


BGP table version is 1, main routing table version 1 


Neighbor V AS MsgRcvd MsgSent ThlVer InQ OutQ Up/Down 


10.1.1.1 4 2 Q ® a 7) ® never 


Now add a loopback interface on Router B: 


Router B 
interface loopback @ 
ip add 1.1.1.1 255.255.255.255 


The BGP router ID should now be 1.1.1.1 even though this is not the highest P ad 
assigned to Router B. The loopback address takes precedence over physical address 
it comes to assigning the router ID: . 


rtrB#show ip bgp summary 


~ BGP table version is 1, main routing table version 1 


Neighbor V AS MsgRcvd MsgSent TblVer InQ Out@ Up/Down state/P' 


10.1.1.1 4 2 


1 


2 @ never Oper 


Now override the BGP route ID using the command bgp router-id ip-address: 


Router B 


bap rout rid 8. anil 1 


3-17: bgp router-id ip-address 93 


Verify that the BGP router ID has been changed to 5.5.5.5: 
rtrB#show ip bgp summuary 


BGP table version is 1, main routing table version 1 


Neighbor V AS MsgRcovd MsgSent TblVer InQ Outad Up/Down State/PfxAed 


10,1.1.1 4 2 7 6 Q t) @ 00:00:18 Active 


leshooting 
Step 1 Verify that the BGP neighbors are in the Established state using the show 
ip bgp neighbors command. 


If the neighbor relationship is not in the Established state, see section 8-23. 


Step 2 The BGP router [ID should be changed if you are using the bgp router- 
id ip-address command. Verify using the show ip bgp summary 
command. 
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lefault Information 


-1: default-information originate 
Syntax Description: 
This command has no arguments. 


Purpose: To allow BGP to advertise the default route 0.0.0.0. A default route can also be 
advertised on a per-neighbor basis. See sections 8-3 and 8-4. 
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: 
} — 


onfic uration Example: BGP Default Route Advertisement 


Router B in Figure 4-1 needs to be configured to advertise a default route to Router A via 
BGP. The configuration requires a combination of commands that we will step through to 
illustrate the process. 


Using BGP to Advertise a Default Route i 


172.17.1. 


Router A 
router bgp 1 
neighbor 172.17.1.1 remote-as 2 


Router B 


r 


ter bgp 2 


neighbor 172.17.1.2 remote-as 1 
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Check the BGP tables on Routers A and B to determine if the default route is 
advertised: 


rtrA#show ip bgp 
There are no routes in the BGP routing table. 
rtrB#show ip bgp 

There are no routes in the BGP routing table. 


A default route is not being advertised by Router B. Let’s try modifying the config 
on Router B so that a static default route points to the serial interface: 7 


Router B 
router bgp 2 

default-information originate 
neighbor 172.17.1.2 remote-as 1 

! 

ip route 6.9.0.0 0.0.8.0 serial 2/0 


Verify the static route on Router B, and then check to see if this route is being propa 
by BGP: _ 


rtrB#show ip route static 
S* 0.0,0.0/0 is directly connected, Serial2/0 


rtrA#show ip bgp 


rtrB#show ip bgp 


We still do not have the defau te being propagated via BGP. 
Before redistributing the route into BGP, remo 


default-information originate command from the BGP configuration on Rot 


Router 8B 
router bgp 2 

redistribute static 

neighbor 172.17.1.2 remote-as 1 

! 

ip route 0.0.0.0 0.0.0.0 serial2/0 


Is the default route being advertised? Check the BGP tables on Routers A and B: 


rtrA#show ip bgp 
There are no routes in the BGP routing table. 
rtrBéshow ip bgp 

There are no routes in the BGP routing table. 
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Finally, add all the commands we have used so far to the BGP configuration on Router B: 


Router 6 

router bgp 2 

redistribute static 

neighbor 172.17.1.2 remote-as 1 


default-information originate 


t 
ip route 0.0.0.0 0.0.0.0 serial2/0 


sation 
Examine the BGP tables on Routers A and B to see if we were able to advertise the default 
route: 

rtrAfshow ip bgp 

BGP table version is 5, local router ID is 144,223.1.1 


Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
b Le dT Wy a S| 4] 02? 


BGP table version is 3, local router ID is 172.16.2.1 
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? ~ incomplete 


Network Next Hop Metric LocPrf Weight Path 
*> 0.0.9.8 0.0.9.0 ® 32768 7 


We have demonstrated that advertising a default route via BGP requires three steps: 
Step 1 Create a static default route. 

Step 2 Redistribute static into BGP. 

Step 3 Use the BGP command default-information originate. 


Step 1 Verify that the BGP neighbors are in the Established state using the show 
ip bgp neighbors command. 


If the neighbor relationship is not in the Established state, see section 8-23. 
For IBGP and loopbacks, see section 8-33. 


Step 2 Verify that a static default route has been configured. 
Step 3 Verify that static routes are being redistributed into BGP. 


Step 4 Verify that default-information originate has been configured on the 
advertising BGP router. 


98 Chapter 4: Default Information 


4-2: default-metric metric 
Syntax Description: 


Purpose: To assign a metric or MED to routes that are redistributed into BGP. Ther 
three methods for assigning the metric or MED for redistributed routes. The fir 
assign a metric when redistributing routes into BGP. If a metric value is not ass 
value 0 is applied to the metric for redistributed routes. This occurs when you use 
redistribute command with no metric assignment (see section 10-1). The second p 
is to assign a metric or MED value when redistributing a protocol into BGP (see se 
10-2). The third method uses the default-metric command to assign a metric or 
redistributed routes that have not had their metric value assigned by the redist 
command: 


* redistribute ospf 1—Assigns a metric of 0 to OSPF routes. 
* redistribute ospf 1 metric 5—Assigns a metric of 5 to OSPF routes. 
* redistribute ospf 1 metric 5 

redistribute static 


default-metric 10—Assigns a metric of 5 to OSPF routes and a metric of 10 — 
to static routes. 


Cisco IOS Software Release: 10.0 


Configuration Example: Assigning Metrics to Redistributed Ri 


In Figure 4-2, Router B is redistributing OSPF and static routes into BGP. The OSPF 
are assigned a metric of 5 using the redistribute ospf 1 metric 5 command. The st 
routes are assigned a metric of () because we are not using the default-metric comm 
assigning a metric with the redistribute command. 


Figure 4-2 Assigning Metrics to Redistributed Routes 


OSPF - metric = 5 Assigned using the redistribute ospt 1 metric 5 CO 
Static - metric = 0 If not using the default metric command 
Static - metric = 10 If using the default-metric 10 command 


72 205.40.30.129/26 


o__ 


144.223.1.1/24 EBGP 


172.17.1.2 
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Router A 
router bgp 1 
neighbor 172.17.1.1 remote-as 
Router & 
router ospf 1 
network 10.0.0.@ @.255.255.255 area 0 


! 
router bgp 2 

redistribute ospf 1 metric 5 
redistribute static 

neighbor 172.17.1.2 remote-as 1 


no auto-summary 
! 
ip route 198.8.4.128 255.255.255.128 Ethernet 0 
Router 
interface loopback @ 

ip address 205.40.30.129 255.255.255.192 

! 

router ospf 1 

network 10.0.0.0 0.255.255.255 area 0 

network 205.0.0.0 ®.255.255.255 area 51 


Without the default-metric command on Router B, the static routes are assigned a metric 
of 0: 


rtrBéshow ip bgp 
BGP table version is 5, local router ID is 172.16.2.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
*> 10.1.1.0/30 ®.0.0.2 4) 32768 7? 
*> 172.16.2.0/24 @.0.0.0 } 32768 7? 


*> 205.40.30.128/25 10.1.1.2 5 32768 ? 


Now modify the BGP configuration on Router B and assign a default metric of 10: 


Router B 
router bgp 2 
redistribute static 


redistribute ospf 1 metric 5 
neighbor 172.17.1.2 remote-as 1 


on 


Verify that the default metric has been applied only to the static route and not to the OSPF 
routes: 
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rtrB#show ip bgp 
BGP table version is 5, local router ID is 172.16.2.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
*> 10.1.1.0/30 @.0,0.0 Q 32768 ? 
*> 172.16.2.0/24 0.0.0.0 @ 32768 7? 


Troubleshooting 


Step 1 Verify that the BGP neighbors are in the Established state using the show 
ip bgp neighbors command. 


If the neighbor relationship is not in the Established state, see section 8-23. 


Step 2. The default metric will only be applied to redistributed routes that are not — 
assigned a metric using the redistribute command. 


Step 3 When redistributing routes, use the no auto-summary command (see 
section 2-1). 


CHAPTER 5 


> Administrative Distance 


‘distance admin-distance ip-source-address ip- 
res s-mask 


-mask ip-access-list-number 
Syntax Description: 


* admin-distance—Administrative distance assigned to learned routes. The value range 
is 1 to 255. 

ip-source-address—IP address of the source of the routing update. 
ip-address-maskl—Address mask for the source of the routing update. 


ip-access-list-number—Optional standard IP access list used to apply the 
administrative distance to selected routes. 


Purpose: To modify the administrative distance of BGP routes. When a particular route is 
learned via multiple routing protocols, the administrative distance is used to select the best 
foute. The lower administrative distance is preferred. The administrative distances used for 
the IP routing protocols are as follows: 


* Connected—O 


© Static—1 

* EBGP—20 
* EIGRP—90 
* IGRP—100 
* OSPF—110 
= 1S-IS—115 
* RIP—|20 

* IBGP—200 


Cisco 10s Software Release: 10.0 
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Configuration Example 1: Modifying the Distance of All Routes 
Received from a Particular Neighbor 


In Figure 5-1, Router A is advertising 144.223.1.0/24 and 144.223.2.0/24 via EBGP, and 
Router C is advertising 205.40.30.0/24 via IBGP. 


Figure 5-1 = Default Administrative Distance for EBGP and IBGP 


EBGP distance = 20 IBGP distance = 200 


144.223.1.0/24 
205.40.30.0/24 


144.223.2.0/24 


172.17.1.1 


Router A 

interface loopback ® 

ip address 144.223.1.1 255.255.255.0 
! 
interface loopback 1 

ip address 144.223.2.1 255.255.255.0 
! 
router bgp 1 
network 144.223.1.@ mask 255.255.255.0 
network 144.223.2.0 mask 255.255.255.0 
neighbor 172.17.1.1 remote-as 2 
Router B 
router bgp 2 

no synchronization 

neighbor 172.17.1.2 remote-as 1 
neighbor 10.1.1.2 remote-as 2 


interface loopback @ 

ip address 205.40.30.1 255.255.255.0 
! 
router bgp 2 

network 205.40.38.8 

neighbor 10.1.1.1 remote-as 2 


The default administrative distance is 20 for EBGP and 200 for IBGP. This can be verified 
by inspecting the IP routing table on Router B: 
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rtrB#show ip route bgp 


144,223.0.0/24 is subnetted, 2 subnets 
144,223.2.0 [20/0] via 172.17.1.2, 00:00:51 
144.223.1.@ [20/0] via 172.17.1.2, 01:13:14 
205.40.30.0/24 [200/0] via 10.1.1.2, 01:13:14 


For this example, we will set the administrative distance to 50 for all routes received by 
Router B from Router C. Using the first form of the command, all we need to do is use the 
IP address of Router C. Modify the BGP configuration on Router B as shown: 

Router B 


router bgp 2 
no synchronization 


neighbor 172.17.1.1 remote-as 1 
neighbor 10.1.1.2 remote-as 2 


Using a mask of 0.0.0.0 matches all 32 bits of the IP address. Multiple addresses can be 
matched using a different mask. For example, using 10.1.1.0 0.0.0.255 matches all 
neighbors on subnet 10.1.1.0/24. To match all neighbors, use the address/mask pair 0.0.0.0 
255.255.255.255. 


srification 
Verify that the administrative distance of the route learned from Router C has been set to 50: 


rtrBéshow ip route bgp 
144.223.0.0/24 is subnetted, 2 subnets 
B 144.223.2.0 [20/0] via 172.17.1.2, 00:00:51 


B 144.223.1.@ [20/0] via 172.17.1.2, 01:13:14 


Onfiguration Example 2: Modifying the Distance of a Specific 
Oute Received from a Particular Neighbor 
For the configuration in Figure 5-1, we will set the administrative distance to 80 for the 
144.223.1.0/24 route being advertised by Router A. Modify the BGP configuration on 
Router B as shown: 
router bgp 2 
ho synchronization 


neighbor 172.17.1.1 remote-as 1 
neighbor 10.1.1.2 remote-as 2 


Gistance 50 10.1.1.2 0.0.0.0 
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Verification 


Verify that the 144.223.1.0 route now has an administrative distance of 80 and h: 
administrative distance for the 144.223.2.0 route is unchanged: 


rtrB#show ip route bgp - 
144,223,.0.0/24 is subnetted, 2 subnets 
B-205.40.30.0/24 [50/0] via 10.1.1.2, 00:02:22 


Troubleshooting 
Step 1 Verify that the BGP neighbors are in the Established state using the show 

ip bgp neighbors command. 

If the neighbor relationship is not in the Established state, see section 823, 

Step 2 Verify that the address/mask pair matches the proper neighbor 


Step 3 If using an access list, verify the syntax of the list and that you are 
referencing the proper list. 


5-3: distance bgp external internal local 
Syntax Description: 


: ana learned via EBGP. 

: Routes learned via IBGP 

© BER ontes entered into the BGP table via the aggregate-address commal 
Defaults: external 20, internal 200, local 200 
Purpose: To modify the administrative distance of BGP routes. When a parti cular 
learned via multiple routing protocols, the administrative distance is used to 
route. The lower administrative distance is preferred. The administrative distances 
the IP routing protocols are: 

© Connected—O 

© = Static—ti 

® EBGP—20 

© EIGRP—90 

®* IGRP—100 

© OSPF—110 

© 1S-IS—115 

® RIP—120 

* IBGP—200 
Cisco IOS Software Release: |0.0 
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suration Example: Modifying the Distance for External, 

al, and Local BGP Routes 

fn Figure 5-2, Router A is advertising 144.223.1.0/24 via EBGP and Router C is 
advertising 205.40.30.0/24 via IBGP. From the perspective of Router B the EBGP route is 
external and the IBGP route is local. If we create an aggregate on Router B then a route to 
NullO for the aggregate will be installed in the IP routing table. The NullO route is 
considered a BGP local route. 


External, Internal, and Local BGP Routes 


144.223.1.0/24 Null route to an aggregate} 205.40.30.0/24 
External Internal 
— 


172.17.1.2/24 172.17.1.2/24 


Router A 
interface loopback @ 
ip address 144.223.1.1 255.255.255.0 
| 
router bgp 1 
network 144.223.1.0 mask 255.255.255.0 
neighbor 172.17.1.1 remote-as 2 
Router B 
router bgp 2 
no synchronization 
aggregate-address 144.223.0.0 255.255.252.@ summary-only 
neighbor 172.17.1.2 remote-as 1 
neighbor 10.1.1.2 remote-as 2 
Router 
interface loopback @ 


ip address 205.40.30.1 255.255.255.0 
H 


router bgp 2 
network 205.40.30.0 
neighbor 10.1.14.1 remote-as 2 


The BGP table on Router B should contain 3 routes. The route from Router A is external, 
the route from Router C is internal and the route to Null for 144.223.0.0 is local. 
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rtrBéshow ip bgp 
BGP table version is 5, local router-ID is 172.16.2.1 
Status codes: s suppressed, d damped, h history, * valid, > best, i - im 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Metric LocPrf Weight Path 


*> 144.223.0.0/22 0.0.0.0 32768 i 
S> 144.223.1.0/24  172.17.1.2 6 ®1i 
*>1205.40.30.0 10.1.1.2 Q 102 ®t 


BGP ae table entry #5p 144.223.1.0/24, version 5 
Paths: (1 available, best #1, table Default-IP-Routing-Table, Advertiseme 
pressed by an aggregate.) 

Not advertised to any peer 

1 
172.17.1.2 from 172.17.1.2 (144.223.1.1) 


rtre#show ip bgp 

BGP routing table dry aan 205.40.30.0/24, version 2 

Paths: (1 available, best #1, table Default-IP-Routing-Table) 
Advertised to non peer-group peers: 
172.17.1.2 
Local 

10.1.1.2 from 10.1.1.2 (205.4@.30.1) 


BGP routing table entry for 144.223.0.0/22, version 4 
Paths: (1 available, best #1, table Default-IP-Routing-Table) 
Advertised to non peer-group peers: 

10.1.1.2 172.17.1.2 
Local, (aggregated by 2 172.16.2.1) 
@.2.0.0 from @.0.0.0 (172.16.2.1) 


The administrative distance for these routes can be seen in the IP routing tablee 
Router B: 


rtrB#show ip route bgp 
144.223.0.0/16 is variably subnetted, 2 subnets, 2 masks 
B 144.223.1.0/24 [20/0] via 172.17.1.2, 00:05:58 
144.223,0.0/22 [2006/0] via @.0.0.0, 00:05:58, Null@ 
205.40.30.0/24 [200/0] via 10.1.1.2, 00:06:07 
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aggregate-address 144.223.0.0 255.255.252.@ summary-only 
| neighbor 172.17.1.2 remote-as 1 
neighbor 10.1.1.2 remote-as 2 


on 
Verify that the administrative distance for the external, internal, and local BGP routes has 
been modified: 

| ftrB#show ip route bgp 


B 144,223.1.0/24 [15/0] via 172.17.1.2, 00:03:30 
i: 144,223.0,0/22 [35/0] via 0.0.0.0, 00:03:30, Null 
| B 205.40.30.0/24 [25/@] via 10.1.1.2, 00:03:30 


Verify that the BGP neighbors are in the Established state using the show 
ip bgp neighbors command. 


If the neighbor relationship is not in the Established state then see section 8-23. 


If the neighbors are established then this command should work. 
Understand the difference between external, internal, and local BGP 
routes. 


CHAPTER 


6 


BGP Route Filtering 


6-1: distribute-list 

Purpose: This form of the distribute-list command works only with Interior Gateway 
Protocols. Even though this command appears as a BGP router configuration option, do not 
use this command when configuring BGP, Use the neighbor {ip-address | peer-group } 
distribute-list {in | out) command described in sections 8-6 and 8-7. 


BGP Maximum Paths 


7-1: maximum-paths number-of-paths 


Syntax Description: 


= number-of-paths—Number of BGP learned paths to the same destination that will 


be installed in the IP routing table. The value can be | to 6. 


Purpose: By default, BGP installs only the best path to a destination in the IP routing table. 
The maximum-paths command allows up to six paths to the same destination to be 
t installed in the IP routing table. 


IOS Release: | 1.2 


tee: Example 


In Figure 7-1, Router A is learning two paths to network 172.17.1.x via EBGP. By default, 
BGP will install only one of these paths in the IP routing table. If all the attributes of the 
paths are equal, such as MED, Local Preference, and Weight, the route that will be installed 
is the one learned from the router with the lowest router ID. Initially, the routers will be 
configured without using the maximum-paths command, as shown in the following 
listing. This is done to demonstrate that only one route to 172.17.1.0 will be installed. 
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Figure 7-1 Configuration Used to Demonstrate the maximum-paths Conynand 


172.17.1.1 172.17.1.2 


Router A 

ip subnet-zero 

! 

interface Serial 

ip address 10.1.1.1 255.255.255.252 
! 

interface Serial 

ip address 10.1.2.1 255.255.255.252 
: 
router bgp 2 

neighbor 10.1.1.2 remote-as 1 
neighbor 10.1.2.2 remote-as 1 
Router & 

ip subnet-zero 

! 

interface Ethernet@ 

ip address 172.17.1.1 255.255.255.0 
! 
interface Serialé 

ip address 1@.1.1.2 255.255.255.252 
clockrate 64000 

! 
router bgp 1 

network 172.17.1.0 mask 255.255.255.0 
network 10.1.1.@ mask 255.255.255.252 
neighbor 10.1.1.1 remote-as 2 
neighbor 172.17.1.2 remote-as 1 

no synchronization 

Houter 
ip subnet-zero 

! 
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(Continued) 
interface Ethernet® 
ip address 172.17.1.2 255.255.255. 
! 
interface Seriald 
ip address 10.1.2.2 255.255.255.252 
clockrate 64000 


! 

router bgp 1 
network 172.17.1.0 mask 255,255.255.0 
network 10.1.2.0 mask 255.255.255.252 
neighbor 10.1.2.1 remote-as 2 
neighbor 172.17.1.1 remote-as 1 

no synchronization 


The BGP table on Router A should contain two paths to network 172.17.1.0: 


rtrA#show ip bgp 

BGP table version is 4, local router ID is 1.1.1.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes; i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 


Notice that the path to 172.17.1.0/24 learned from 10.1.1.2 is considered the best path, as 
denoted by the > symbol. This is the best path because the BGP neighbor advertising this 
path has a lower router ID than the neighbor advertising the other path, as seen in the show 
ip bgp neighbors command on Router A: 


rtrA#show ip bgp neighbors 


Index 1, Offset 0, Mask Qx2 


BGP state = Established, table version = 6, up for 00:01:38 
Last read 00:00:37, hold time is 180, keepalive interval is 60 seconds 
Minimum time between advertisement runs is 30 seconds 
Received 24 messages, 0 notifications, 0 in queue 
Sent 2@ messages, @ notifications, ®@ in queue 
Prefix advertised 0, suppressed @, withdrawn 0 
Connections established 3; dropped 2 
Last reset 00:02:00, due to Peer closed the session 
1 accepted prefixes consume 32 bytes 
® history paths consume ® bytes 
Connection state is ESTAB, 1/0 status: 1, unread input bytes: @ 
Local host: 10.1.1.1, Local port: 179 
Foreign host: 10.1.1.2, Foreign port: 11006 


continues 
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(Continued) 
Index 2, Offset 0, Mask Ox4 


BGP state = Established, table version = 6, up for 00:02:54 
Last read 00:00:55, hold time is 180, keepalive interval is 6@ seconds 
Minimum time between advertisement runs is 30 seconds <” 
Received 23 messages, ® notifications, @ in queue 
Sent 20 messages, ® notifications, @ in queue 
Prefix advertised 0, suppressed 0, withdrawn ® 
Connections established 3; dropped 2 
Last reset 00:03:19, due to Peer closed the session 
1 accepted prefixes consume 32 bytes 
®@ history paths consume @ bytes 

i) 

i 


Only one of the paths to 172.17.1.0/24 will be installed in the IP routing table on 


rtrA#show ip route 
Codes: © - connected, S - static, I - IGRP, R - RIP, M - mobile, B =~ 
D - EIGRP, EX - EIGRP external, 0 - OSPF, IA - OSPF inter area 
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP 
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidat 
U - per-user static route, o - ODR, P - periodic downloaded sta 
T - traffic engineered route 


Gateway of last resort is not set 


10.0.0.0/30 is subnetted, 2 subnets 
C 1@.1.2.0 is directly connected, Serial1 
Cc 10.1.1.0 is directly connected, Serial® 


Router A 

router bgp 2 

neighbor 10.1.1.2 remote-as 1 
neighbor 10.1.2.2 remote-as 1 
maximim-paths 2 


Verification y 
Verify that both routes to 172.17.1.0/24 learned via EBGP are being installed in 
routing table on Router A: 
rtrA#show ip route 
Codes: C - connected, S - static, I - IGRP, A - RIP, M - mobile, B ~ @ 


D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
Ni - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 
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(Continued) 


Step 4 


Gateway of last resort is not set 


10.0.0.0/3@ is subnetted, 2 subnets 


E1 - OSPF external type 1, E2 - OSPF external type 2, — - EGP 

i - IS-IS, 11 - IS-IS level-1, L2 - IS-IS level-2, * - Candidate default 
U- per-user static route, o - ODR, P - periodic downloaded Static route 
T - traffic engineered route 


[20/0] via 10,1.2.2 


10.1,2.0 is directly connected, Seriali 
10.1.1.0 is directly connected, Seriale 


Verity that the BGP neighbors are in the Established state using the show 
ip bgp neighbors command. 


If the neighbor relationship is not in the Established state, see section 8-23, 


Verify that the router is learning multiple paths to the same destination 
using the show ip bgp command. 


If multiple paths are not being learned via BGP, check your BGP 
neighbor configuration, especially the syntax for the network and/or 
redistribution commands. Also check for any filters that might be 
blocking the desired routes. 


Verify that multiple routes to the same destination have been installed in 
the IP routing table using the show ip route command. 


CHAPTER R 


eighbor Configuration 


4: neighbor {ip-address | peer-group-name} advertise- 
ap route-map-name1 non-exist-map route-map-name2 
Syntax Description: 

© = ip-address—Neighbor’s IP address. 

© peer-group-name—Name of the peer group. See section 8-19. 


® — route-map-name]—Route map that identifies the secondary prefix to advertise only 
if the primary prefix referenced by route-map-name?2 disappears. 


® — youte-map-name2—Route map that identifies the primary prefix to advertise. If this 
route disappears, the secondary prefix referenced by route-map-name is advertised. 


Purpose: The primary prefix referenced by route-map-namez2 is advertised to BGP peers 
if the prefix is in the BGP table. If the network is directly connected, the network or 
redistribute connected command can be used to place the primary network in the BGP 
table. If the primary prefix is learned via an IGP, the redistribute JGP command installs 
the prefix in the BGP table. The prefix may be learned from a BGP peer and is 
automatically placed in the BGP table. The primary prefix is advertised until it disappears 
from the BGP table. This can happen if the network goes down or if the advertisement for 
this network is no longer being received. When the route disappears, the prefix referenced 
by route-map-name! is advertised. If the primary network reappears in the BGP table, it is 
again advertised, and the secondary prefix is suppressed. 


Cisco IOS Software Release: 12.0 


iguration Example: Advertise the Primary Route While 
Pressing the Secondary Route 


The goal of this example is to illustrate the mechanics of the neighbor advertise-map 
command. In Figure 8-1, Router A advertises network 156.26.32,0/24 if the route is up. If 
Network 156.26.32.0/24 goes down, network 144.223.8.0/24 is advertised. 


120 Chapter 8: Neighbor Configuration 


Figure 8-1 = /I/ustration of the neighbor advertise-map Command 


156.26.32.0/24 Advertise 156.26.32.0/24 
Suppress 144.223.8.0/24 


10.1.1.1 4944.2 


144.223,8.0/24 
Secondary 


Advertise 144.223.8.0/24 —————_—_» 


144.223.8.0/24 
Secondary 


Router A 

interface loopback 0 

description primary prefix 

ip address 156.26.32.1 255.255.255.0 

! 

interface loopback 1 

description secondary prefix 

ip address 144.223.8.1 255.255.255.0 

! 

router bgp 1 

network 156.26.32.@ mask 255.255.255.0 
network 144.223.8.0 mask 255.255.255.0 
neighbor 18,1.1.2 remote-as 1 


! 
access-list 2 permit 144.223.8.0 0.0.0.255 
1 
route-map primary permit 10 
match ip address 1 
| 


- neighbor {ip-address | peer-group-name} advertise-map route-map-name! non-exist-map . . . 


(Continued) 

route-map secondary permit 10 
match ip address 2 
Router B 

router bgp 1 
neighbor 10.1.1.1 remote-as 1 


! 


Two loopbacks have been created on Router A to simulate the primary and secondary 
prefixes. Both prefixes must be in the BGP table. The two network commands on Router 
A install the prefixes in the BGP table. If both of the loopback interfaces are up, the primary 
and secondary prefixes are in the BGP table on Router A. The advertise-map command 
prevents the secondary prefix from being advertised to BGP peers as long as the primary 
prefix is in the BGP table. If the primary prefix disappears from the BGP table, the 
secondary prefix is advertised, 


ferification 
Verify that the primary and secondary prefixes are in the BGP table on Router A: 


rtrA#show ip bgp 

BGP table version is 15, local router ID is 156.26.32.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
*> 144.223.8.0/24 @.0.0.0 @ 32768 i 
*> 156.26.32.0/24 0.0.0.0 @ 32768 i 


Verify that only the primary prefix is being advertised to Router B: 


rtrB#show ip bgp 

BGP table version is 23, local router ID is 10.1.1.2 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
* 1156.26.32.0/24 10.1.1.1 @ 100 Qi 


You can also view the effect of advertise-map by examining specific entries in the BGP 
table. 


rtrA#show ip bgp 144.223.8.90 


Local 
0.0.0.0 from 0.0.0.0 (156.26.32.1) 
Origin IGP, metric @, localpref 10@, weight 32768, valid, sourced, local,2 
continues 
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(Continued) 


rtrA#show ip bgp 156.26.32.0 


0.9.0.0 from 0.0.0.0 (156.26.32.1) 
Origin IGP, metric ®, localpref 100, weight 32768, valid, sourced, loca 


To demonstrate the operation of the advertise-map command, we need to make th 
primary prefix disappear from the BGP table on Router A by shutting down loo 
interface 0 on Router A: 


int loopback ® 
ip address 156.26.32.1 255.255.255.0 
shutdown 


The primary route should disappear from the BGP table on Router A: 


rtrA#show ip bgp 
BGP table version is 16, local router ID is 156.26.32.1 
Status codes: s suppressed, d damped, h history, * valid, > best, i - inter 
Origin codes: i - IGP, e - EGP, ? - incomplete I 


Network Next Hop Metric LocPrf Weight Path 
*> 144.223.8.0/24 0.0.0.0 ® 32768 i 


With the primary route gone, the secondary route should be advertised to Router ue 


rtrBéshow ip bgp 
BGP table version is 23, local router ID is 10.1.1.2 q 
Status codes: s suppressed, d damped, h history, * valid, > best, i - interné 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
* 1144.223.8.0/24 10.1.1,1 Q 100 Qi 


The specific entries for the primary and secondary prefixes show the effect of non-eXxi 
Prtravehow ip bgp 144.229.0000 
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(Continued) 
Local 
@.0.0.0 from 0.0.0.0 (156.26.32.1) 
Origin IGP, metric @, localpref 108, weight 32768, valid, sourced, local,2 


rtrA#show ip bgp 156.26.32.0 


& Network not in table 


‘Troubleshooting 
; 1 Verify that the BGP neighbors are in the Established state using the show ip bgp 
neighbors command. 


If the neighbor relationship is not in the Established state, see section 8-23. 


2 Ensure that the primary and secondary prefixes are in the BGP table using the show 
ip bgp command. 


3 If the primary and secondary routes are in the BGP table, go to Step 5. 
4 If the primary and secondary routes are not in the BGP table, do the following: 


¥ 
an exact match between the network command (prefix/mask) and the IP routing table 
entry (prefix/mask). Go to Step 2. 


(b) If the primary and secondary routes are learned from a BGP neighbor, check to see 
if the routes are in the neighbor's BGP table. If the routes are in the neighbor’s BGP 
table and the BGP neighbors are in the Established state, check for any filters that 
might be blocking the routes. Go to Step 2. 


5 Verify that route-map-name/ is associated with the secondary route and that route- 
map-name2 is associated with the primary route. 


6 Verify that the route maps exist and are using the proper syntax. 


7 Verify that the access lists referenced by the route maps exist and are using the proper 
syntax. 

8 Check for any filters that might be blocking the advertisement of the primary route or 
secondary route if the primary is down. 

9 Debug the BGP updates between the neighbors. 


(a) Use the debug ip bgp updates command to verify that the primary is up and is 
being advertised. 
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iw6d: BGP: 10. 
starting at 0.0.0. 


jw6d: BGP: 10.1.1.2 1 updates enqueued (average=55, maximum=55) 
iw6d: BGP: 10.1.1.2 update run completed, ran for 8ms, neighbor version 277 
version 28, throttled to 28, check point net 
1w6d: BGP: scanning routing tables 

1w6d: BGP: Condition primary changes to Withdraw 


jw6d: BGP: 10.1.1.2 computing updates, neighbor version 28, table version | 
Starting at 0.0.0.9 


(b) Use the debug ip bgp updates command to verify that the primary is do | n. 


iw6d: BGP: 10.1.1.2 computing updates, neighbor version 25, table version | 
starting at 0.0.0. 


1w6d: BGP: 10.1.1.2 1 updates enqueued (average=27, maximum=27) a 
iw6d: BGP: 10.1.1.2 update run completed, ran for 8ms, neighbor version 25, st 
version 26, throttled to 26, check point net 


1w6d: BGP: 10.1.1.2 D CoMruete updates, neighbor version 26, table version 
starting at - 2. ads @ 


8-2: neighbor {/p-address | peer-group-name} 
advertisement-interval seconds 
Syntax Description: 
® = ip-address—Neighbor’s IP address. 
° = peer-group-name—Name of the peer group. See section 8-19. 
© — seconds—O to 600. 
Defaults: IBGP 5 seconds. EBGP 30 seconds. 
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Purpose: To set the minimum interval between the sending of Border Gateway Protocol 
(BGP) routing updates. To restore the default setting, use the no form of this command. 
When a route that is being advertised by BGP changes, BGP sends either an UPDATE or 
WITHDRAWN message. If an advertised route is flapping, usually caused when an 
interface is unstable, a flood of UPDATE and WITHDRAWN messages occurs. One 
method to control the flooding of BGP messages is to set a minimum advertisement 
interval. With the default value of 30 seconds for EBGP neighbors, BGP routing updates 
are sent only every 30 seconds, even if a route is flapping many times during this 30-second 
interval. BGP dampening can also be used to control the effects of flapping routes (see 
sections 3-7, 3-8, and 3-9). 


Cisco IOS Software Release: 10.0. Peer group support was added in Release 11.0, 


Configuration Example 1: Default Advertisement Interval 


Figure 8-2 illustrates the default advertisement interval for IBGP and EBGP connections. 
The default advertisement interval is automatically set when the initial neighbor 
relationship is established. 


Figure 8-2 Default BGP Advertisement Intervals for IBGP and EBGP 


IBGP 5 seconds EBGP 30 seconds 
Se 


Router A 
router bgp 1 

neighbor 10.1.1.2 remote-as 1 
Router & 
router bgp 1 

neighbor 10.1.1.1 remote-as 1 
neighbor 10.2.1.2 remote-as 2 
Router 

router bgp 2 

neighbor 1.2.1.1 remote-as 1 


Verification 


The default advertisement value can be verified by examining the BGP neighbor 
information. Using the show ip bgp neighbors command on Router B, you can see the 
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default advertisement interval for both the IBGP and EBGP neighbors, as shown in the 
following output: the 


RtrB#show ip bgp neighbors 

BGP neighbor is 10.1.1.1, remote AS 1, internal link 
Index 0, Offset @, Mask Ox® 
BGP version 4, remote router ID 10.1.1.1 
BGP state = Established, table version = 2, up for 0:10:19 
Last read 00:00:20, hold time is 160, keepalive interval is 60 seconds 


Received 331 messages, ® notifications, @ in queue 

Sent 331 messages, 0 notifications, ® in queue 

Connections established 2; dropped 1 
Connection state is ESTAB, I/O status: 1, unread input bytes: @ 
Local host: 10.1.1.2, Local port: 179 
Foreign host: 10.1.1.1, Foreign port: 11013 


BGP neighbor is 10.2.1.2, remote AS 2, external link 
Index 0, Offset 0, Mask Ox® 
BGP version 4, remote router ID 10,2.1.2 
BGP state = Established, table version = 2, up for 00:10:19 
Last read 00:00:15, hold time is 180, keepalive interval is 60 seconds 


Received 229 messages, ® notifications, @ in queue 

Sent 229 messages, ® notifications, @ in queue 

Connections established 2; dropped 1 
Connection state is ESTAB, I/O status: 1, unread input bytes: 0 
Local host: 10.1.1.2, Local port: 179 
Foreign host: 10.2.1.2, Foreign port: 11013 


Configuration Example 2: Modifying the Advertisement Interval 


Db 


In this example, we will change the advertisement interval on Router B for the IBGP” 
neighbor to 15 seconds and for the EBGP neighbor to 45 seconds. The advertise } 
intervals on Routers A and C will remain set to the default values, as shown in Figure e 


7 


Figure 8-3 Configuring BGP Advertisement Intervals for IBGP and EBGP 


IBGP 5 seconds EBGP 30 seconds 
———————— at 
IBGP 15 seconds EBGP 45 seconds 


Router A 

router bgp 1 

neighbor 10.1.1.1 remote-as 1 
Houter B 


8-2: neighbor {ip-address | peer-group-name} advertisement-interval seconds 127 


router bgp 1 
neighbor 10.1.1.1 remote-as 1 
neighbor 10.2.1.2 remote-as 2 


Router 
router bgp 2 
neighbor 10.2.1.1 remote-as 1 


rification 
The preceding configuration of the advertisement intervals on Router B can be verified by 
using the show ip bgp neighbors command: 


RtrB#show ip bgp neighbors 
BGP neighbor is 10.1.1.1, remote AS 1, internal link 

Index 0, Offset 0, Mask Ox® 

BGP version 4, remote router ID 10.1.1.1 

BGP state = Established, table version = 2, up for 00:10:19 
Last read 00:00:20, hold time is 180, keepalive interval is 60 seconds 


Received 331 messages, ® notifications, ® in queue 
Sent 331 messages, @ notifications, 0 in queue 
Connections established 2; dropped 1 
Connection state is ESTAB, 1/0 status: 1, unread input bytes: 0 
Local host: 10.1.1.2, Local port: 179 
Foreign host: 10.1.1.1, Foreign port: 11013 


BGP neighbor is 10.2.1.2, remote AS 2, external link 

Index ®, Offset 0, Mask 0x0 

BGP version 4, remote router ID 10.2.1.2 

BGP state = Established, table version = 2, up for 00:10:19 
Last read 00:00:15, hold time is 180, keepalive interval is 6@ seconds 


Received 229 messages, @ notifications, 0 in queue 

Sent 229 messages, ® notifications, ®@ in queue 
Connections established 2; dropped 1 

Connection state is ESTAB, I/O status: 1, unread input bytes: ® 

Local host: 10:1.1.2, Local port: 179 


Foreign host: 10.2.1.2, Foreign port: 11013 


Troubleshooting 
1 Verify that the BGP neighbors are in the Established state using the show ip bgp 
neighbors command. 
If the neighbor relationship is not in the Established state, see section 8-23. 


2 Verify that you have used the correct IP address for the neighbor or the correct name 
for the peer group. 
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3 Verify the default or configured advertisement interval using the show ip bgp 
neighbors command. f 


8-3: neighbor {ip-address | peer-group-name} 
default-originate 
Syntax Description: 
© = ip-address—Neighbor’s IP address. 
© — peer-group-name—Name of the peer group. See section 8-19, 


Purpose: Every router should have a default route that is used to forward packets to 
networks that are not in the local IP routing table. One method for ensuring that every 
has a default route is to configure a static r route on every To uter to establish the default 
Anais metps ts ertise this rou 


Cisco IOS Software Release: | |.0. Extended access lists are permitted in Release I 


Configuration Example 1: Single Default Route 


Figure 8-4 shows an autonomous system that has a connection to the Internet fro! nk 
B. The network directly connected to the Internet is to be used as the default ro ul 
autonomous system. A static default route could be used on every router in i 
is not the preferred method. These static routes require a high degree of maintenaf . 
default route on Router B changes, every static route on every router in the AS need 
changed. The preferred method is to dynamically propagate the default route @ tache 
Router B throughout the AS. The following configuration contains the necessary 
instructions to enable Router B to propagate the default route. 


Figure 8-4 Single Default Route Advertisement 


Advertise 
default route 


8-3: neighbor {ip-address | peer-group-name} default-o 


Router A 

router bgp 1 

neighbor 10.1.1.2 remote-as 1 
Router & 

router bgp 1 

neighbor 10.1.1.1 remote-as 1 


ip route 0.0.0.0 0.0.0.0 serial @ 


erification 
As always, verify that Routers A and B have established a BGP connection before configuring 
the default route. After configuring the default route advertisement, check the BGP routing 
table on Router A to ensure that the default is being advertised using the show ip bgp 
command. The following output verifies that the route is being advertised by Router B: 
etrA#show ip bgp 
BGP table version is 1, local router ID is 10.1.1.1 


Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 


The preceding output verifies that Router A is receiving the default route advertisement from 
Router B. The next step in the verification process is to check the IP routing table of Router 
A to verify that the default route is being transferred via the show ip route command: 


rtrAfshow ip route ; 
Codes: © - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP 
D - EIGRP, EX - EIGRP external, 0 - OSPF, IA - OSPF inter area 
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP 
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area 


* -~ candidate default, U - per-user static route, o - ODR 
P - periodic downloaded static route 

Gateway of last resort is not set 

10,0.0.0/24 is subnetted, 1 subnets 

c 10.1.1,@ is directly connected, Serial® 


The default route has not been transferred to the IP routing table, as shown in the preceding 


nization on Router A, as shown in the following configuration. Disable synchronization 
only if Router A has a route to the next hop advertised with the default route: 
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Router A 
router bgp 1 
ghbe ).1.1.2 remote-as 1 


With synchronization disabled, recheck the IP routing table on Router A: 


AtrA#show ip route 

Codes: C - connected, S - static, I - IGAP, A - RIP, M - mobile, B - BGP 
D - EIGRP, EX - EIGRP external, 0 - OSPF, IA - OSPF inter area 
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP 
i - IS-IS, 11 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter are: 
" - Candidate default, U - per-user static route, o - ODR 
P - periodic downloaded static route 


Gateway of last resort is 1@.1.1.2 to network 0.0.0.0 


10.0.0.0/24 is subnetted, 1 subnets 
c 10.1,1.@ is directly connected, Serialo 


The default route has been successfully installed in the IP routing table of Router A, 
route will be installed regardless of whether Router B actually has a default route ori 
network that is being used as the default route is functional. If the serial interface o R 

B is shut down, Router B continues to advertise the default route. The next form of 1 
instruction (see section 8-4) demonstrates how to conditionally advertise the default) 
based on the existence of a functional default network. 


onfiguration Example 2: Multiple Default Routes 


In Figure 8-5, Router B is receiving a default route advertisement from both Route 
and C. 
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re 8-5 Multiple Default BGP Route Advertisements 


Internet 


Default route Default route 


Advertise Advertise 
default route detault route 
—<$_$_$__$_____» ——————— 


Router A 
router bgp 1 
neighbor 172.16.1.2 remote-as 2 


router bgp 2 
neighbor 10.1.1.2 remote-as 3 


neighbor 172.16.1.1 remote-as 1 
H 


router bgp 3 
neighbor 172.16.1.1 remote-as 2 
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Verification 


Troubleshooting 


The default routes advertised to Router B can be examined by showing the BGp 
table: 4 


rtrBéshow ip bgp 
BGP table version is 2, local router ID is 172.16.1.2 
Status codes: s suppressed, d damped, h history, * valid, > best, i - ing 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
* 0.9,0,0 172.16.1.1 @3i 
*> 10.0.0.2 @®1i 


Router B installs the “best” default route into the IP routing table. Which d 
the best? All things being equal, BGP selects the route advertised by the ro 
lowest router ID. In this case, Router C has the lower router ID, and the defar 
advertised b jtiagiai C is in : 


rtrB#show ip route : 
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP 
D - EIGRP, EX - EIGRP external, 0 - OSPF, IA - OSPF inter area 
Ni - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP 4 
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate dé 
U - per-user static route, o - ODR 
T - traffic engineered route 


172.16.0.0/24 is subnetted, 1 subnets 
C 172.16.1.® is directly connected, FastEthernetd/0 
10.0.0.0/30 is subnetted, 1 subnets 

10.0.0.0 is directly connected, Serial3/@ 


1 Verify that the BGP neighbors are in the Established state using the Show 
neighbors command. 


2 Verify that the originating router is advertising the default route using the h 
command. 


If tie default route is aia BavesHend, Oto ca 3. 


caranty 


aor ater Also e ensure shat no flies are stocking the 2 default oul 
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3 Verify that the default route is in the IP routing table using the show ip re ute. 
command. route 


If the default route is not in the IP routing = mache’. Trane ae 


neighbor {ip-address | peer-group-name} default- 
inate route-map route-map-name 

Syntax Description: 

© = ip-address—Neighbor’s IP address, 

© —peer-group-name—Name of the peer group. See section 8-19. 


©  route-map-name—Name of the route map. 


Purpose: Every router should have a default route that is used to forward packets to 
networks that are not in the local IP routing table. One method for ensuring that every router 
has a default route is to configure a static route on every router to establish the default route. 
Another method is to create one default route and advertise this route to the BGP neighbors. 
The router owning the default route can advertise it through BGP using 7 ae gma 
rm of the neighbor command. Using this form is recommended, 
because the router advertises the default route only if the condition of the specified route 
map is satisfied. The condition that is typically used is whether or not the default network 
is up. 


Cisco IOS Software Release: | 1.0. Extended access lists are permitted in Release 12.0. 


guration Example: Conditional Default Route Advertiseme 
Figure 8-6 shows an autonomous system that has a connection to the Internet through 
Router B. The network directly connected to the Internet, 10.1.2.0/30, is to be used as the 
default route for the autonomous system. A static default route could be used on every 
router in the AS, but this is not the preferred method. These static routes require a high 
degree of maintenance. If the default route on Router B changes, every static route on every 
router in the AS needs to be changed. The preferred method is to dynamically propagate the 
default route attached to Router B throughout the AS. The following configuration SemeaS 
the hecessary instructions to enable Router B to propagate the default route only if the 
default route exists. 
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Figure 8-6 Conditionally Advertising a Default Route 


Verification 


Default route 


internet 


Conditionally advertise 
default route 


Router A 
router bgp 1 
neighbor 10.1.1.2 remote-as 1 


router bgp 1 
neighbor 10.1.1.1 remote-as 1 


As always, verify that Routers A and B have established a BGP connection bet 
configuring the default route. After configuring the default route advertise 
BGP routing table on Router A to ensure that the default is being advertised using 
ip bgp command. The following output verifies that the default route is being a 
Router B. ; 


rtrA#show ip bgp 
BGP table version is 3, local router ID is 172.17.1.1 .. 
Status codes: s suppressed, d damped, h history, * valid, > best, i - af 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 


*>i10.1.2.0/30 1@.1.4.2 


The preceding output verifies that Router A is receiving the default route ‘ i 
from Router B. The next step in the verification process is to check the IP rout 
Router A to verify that the default route is being transferred: 
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rtrA#show ip route ; 

Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP 
D - EIGRP, EX - EIGRP external, 0 - OSPF, IA - OSPF inter area 
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 
E1 - OSPF external type 1, E2 - OSPF external type 2, — - EGP 
i - IS-IS, L1 - IS-IS level-1, 12 - IS-IS level-2, * - candidate default 
U - per-user static route, o - ODR, P - periodic downloaded static route 
T - traffic engineered route ioe) 


10.0.0.0/30 is subnetted, 2 subnets 
B 10.1.2.0 [200/80] via 10.1.1.2 
c 10.1.1.0 is directly connected, Serial@ 


The default route has been successfully installed in the IP rome table of Router A. This route 
is installed if network 10.1.2.0 is up 


leshooting 
1 Verify that the BGP neighbors are in the Established state using the show ip bgp 
neighbors command. 


If the neighbor relationship is not in the Established state, see section 8-23. 


2 Verify that the originating router is advertising the default route using the show ip bgp 
command, 


If the default route is being advertised, go to Step 3. If the route is not being 
advertised, verify the configuration of the default-originate command on the 
originating router. Also ensure that no filters are blocking the default route. Finally, 
check the syntax of the route map on the originating router. 


3 Verify that the default route is in the IP routing table using the show ip route | 
command. 


If the default route is not in the IP routing table, turn synchronization off if the next 
hop associated with the default route can be reached. This applies only to IBGP 
connections. 
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8-5: neighbor {/p-address | peer-group-name} descrir 
text 
Syntax Description: 
© = ip-address—Neighbor’s IP address. 
© — peer-group-name—Name of the peer group. See section 8-19. 


© = text—Line describing the neighbor (1 to 80 characters). 


Purpose: The description option performs a function that is similar to a commen 
software program. This function simply helps the reader determine the purpose of} 
or, in the BGP case, the identification of the neighbor. Adding a neighbor deseript 
BGP configuration does not affect the operation of BGP. The description should & 
useful information that can be quickly used to identify neighbors. For simple se a 
have few neighbors, the description option has limited usefulness. For an IS 
multiple neighbor relationships, however, you can use the description comman 
a neighbor without having to memorize its IP address. 


Cisco IOS Software Release: | |.3 


Configuration Example: Identifying a BGP Neighbor 


Figure 8-7 shows an ISP and one of its neighbor connections. The ISP uses the des 
option to quickly identify the customers associated with each BGP connection. 


Figure 8-7 Using the Description Option to Identify a BGP Neighbor 


Router A 
router bgp 65123 
aegeoeee 10.1.1.2 remote-as 1 _ 


router sea 1 
neighbor 10.1.1.1 remote-as 65123 


3.6; neighbor {ip-address | peer-group-name} distribute-list {ip-access-list-number-or-name|... 137 


tion 
Use the show ip bgp neighbors command to verify the description, as shown in the 
following output, 


r3rt#show ip bgp neighbors 
BGP neighbor is 10.1.1.2, remote AS 1, external link 


Index 1, Offset @, Mask @x2 
BGP version 4, remote router ID 10.1.1.2 
BGP state = Established, table version = 4, up for 00:08:56 
Last read 00:00:56, hold time is 18@, keepalive interval is 60 seconds 
Minimum time between advertisement runs is 30 seconds 
Received 60 messages, 2 notifications, @ in queue 
Sent 58 messages, @ notifications, ® in queue 
Prefix advertised ®, suppressed @, withdrawn 0 
Connections established 2; dropped 1 
Last reset 00:09:27, due to User reset 
3 accepted prefixes consume 96 bytes 
® history paths consume @ bytes 
Connection state is ESTAB, I/O status: 1, unread input bytes: @ 
Local host: 10.1.1.1, Local port: 11000 
Foreign host: 1@.1.1.2, Foreign port: 179 


Troubleshooting 


1 Verify that the BGP neighbors are in the Established state using the show ip bgp 
neighbors command. 


If the neighbor relationship is not in the Established state, see section 8-23. 


3 : neighbor {ip-address | peer-group-name} distribute- 
st {/D-access-list-number-or-name | prefix-list-name} in 


Syntax Description: 
* — ip-address—Neighbor’s IP address. 
e 


peer-group-name—Name of the peer group. See section 8-19. 


ip-access-list-number-or-name—Standard, extended, or named IP access list 
number. 


°  prefix-list-name—Name of an IP prefix list. See sections 8-21 and 8-22. 
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Purpose: To filter incoming route updates from a particular BGP neighbor. 


Cisco IOS Software Release: 10.0. Peer group support was added in Release 11.0, s1 


for named access lists was added in Release 11.2, and prefix list support was ¢ dded 


Release 12.0. 


Configuration Example 1: Block a Particular Route 


In Figure 8-8, Router B is advertising four network prefixes to Router A. Router A fi 


the route update from Router B in order to reject the 172.16.2.0 network. Loopb 
used on Router B to simulate the advertised networks, as shown in the configura 


Figure 8-8 Scenario for the Use of the neighbor distribute-list in Command 


BGP route update 
172.16.0.0/24 
Input distribute list 172.16.1.0/24 
Block 172.16.2.0 ~ 172.16.2.0/24 
172.16.3.0/24 


172.16.1.0/24 


172.16.2.0/24 
172.16.3,0/24 


Router A 
1 
interface Serial® 

ip address 10.1.1.1 255.255.255.252 
! 

router bgp 1 
neighbor 10.1.1.2 remote-as 2 
Router & 
ip subnet-zero 

! 

interface Loopback® 

ip address 172.16.@.1 255,255,255. 
! 

interface Loopback! 

ip address 172.16.1.1 255.255.255.0 
| 


- neighbor {ip-address | peer-group-name} distribute-list {ip-access-list-number-or-name | . . 


(Continued) 

interface Loopback2 

ip address 172.16.2.1 255.255.255.0 
! 

interface Loopback3 

ip address 172.16.3.1 255.255.255.0 
1 


interface Serial@ 

ip address 10.1.1.2 255.255.255.252 
clockrate 64000 

! 

router bgp 2 

network 172.16.0.0 mask 255,.255.255.8 
network 172.16.1.8 mask 255,255.255.0 
network 172.16.2.0 mask 255.255.255.0 
network 172.16.3.0 mask 255.255.255.9 
neighbor 10.1.1.1 remote-as 1 


Before proceeding to the distribute list example, you need to verify that Router A is 
receiving the routes from Router B: 


rtrA#show ip bgp 

BGP table version is 5, local router ID is 172.17,1.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Metric LocPrf Weigh ath 
172.16.0.0/24 ° P 0 
172.16.1.0/24 ) 
172.16.2.0/24 afta be ® 

i) 


172.16.3.0/24 


P 
2 
2 
2 
2 


Modify the BGP configuration on Router A to filter the 172.16.2.0 prefix that is being 
received from Router B: 
Router A 


router bgp 1 
neighbor 1@.1.1.2 remote-as 2 


e di e. s an IP access list. For this example, the access list — 

iber is 1. The first Statement in access list 1 rejects the 172.16.2.0/24 network. The 
second line in the access list is necessary because there is an implicit deny any at the end 
of every IP access list. Without the permit any statement, all routes from Router B would 
be rejected. 
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Verification 
Verify that Router A is using the access list: 


rtrA#show ip bgp neighbors 
BGP neighbor is 10.1.1.2, remote AS 2, external link 
Index 1, Offset @, Mask @x2 
BGP version 4, remote router ID 172.16.3.1 
BGP state = Established, table version = 5, up for 00:10:08 
Last read 00:00:08, hold time is 180, keepalive interval is 60 seconds 
Minimum time between advertisement runs is 30 seconds 
Received 14 messages, ® notifications, @ in queue 
Sent 13 messages, @ notifications, @ in queue 
Prefix advertised 0, suppressed @, withdrawn 0 


Connections established 1; dropped 0 

Last reset never 

4 accepted prefixes consume 128 bytes 

® history paths consume @ bytes 
Connection state is ESTAB, I/O status: 1, unread input bytes: 0 
Local host: 10.1.1.1, Local port: 11028 
Foreign host: 1@.1.1.2, Foreign port: 179 


Finally, check the BGP routing table on Router A to ensure that the 172.16.2.0/24 
has been filtered: 


rtrA#show ip bgp 

BGP table version is 4, local router ID is 172.17.1.1 
Status codes: s suppressed, d damped, h history, * valid, > best, i - interna: 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
*> 172.16.0.0/24 10.4,.%.2 V4) ®2i 
*> 172.16,1.0/24 10.1.1.2 @ @2i 
*> 172.16.3.0/24 1051.4.2 1) @2i1 


Configuration Example 2: Allow a Particular Route and Block A 
Others 


For this example, we will allow network 172.16.2.0/24 and block all other route 
advertisements from Router B. The access list required on Router A is 


access-list 1 permit 172.16.2.0 0.0,.0.255 


The BGP router configuration on Router A remains unchanged. Because there is ¢ 
deny any at the end of every access list, we will let this implicit statement block 
remaining routes. 


6: neighbor {ip-address | peer-group-name} distribute-list {ip-access-list-number-or-name | . . . 


ification 
| As in the previous example, check the BGP table on Router A to verify that only network 
172.16.2.0/24 is in the BGP table: 


rtrA#show ip bgp 

BGP table version is 2, local router ID is 172.17.1.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
*> 172.16.2,0/24 10.1.1.2 ) @21 


‘onfiguration Example 3: Allow an Aggregate Route and Block the 
2>-Specific Routes 
Assume that Router B is advertising an aggregate advertisement for 172.16.0.0/22 and the 
four more-specific routes 172.16.0.0/24, 172.16.1.0/24, 172.16.2.0/24, and 172.16.3.0/24. 
The BGP configuration for Router B would become 
router bgp 2 
network 172.16.@.0 mask 255.255.255.0 
network 172.16.1.0 mask 255.255.255.0 


network 172.16.2.0 mask 255.255.255.0 
network 172.16.3.0 mask 255.255.255.0 


neighbor 10.1.1.1 remote-as 1 


The BGP table on Router A would contain 


rtrA#show ip bgp 

BGP table version is 10, local router ID is 172.17.1.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
172.16.0.0/24 10.1.1.2 


. 172,16.1.0/24 
172.16.2.0/24 
172.16.3.0/24 


access-list 1 deny 172.16.0.0 @.0.0.255 
access-list 1 deny 172.16.1.0 0.0.0.255 
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(Continued) 

access-list 1 deny 172.16.2.0 9.@.@.255 
access-list 1 deny 172.16.3.0 0.0.0.255 
access-list 1 permit 


Unfortunately, the first statement also blocks the aggregate route. If we rearrange 
statements, we could try this: . 


s-list 1 deny 172.16.0.0 0.0.0.2 
access-list 1 deny 172.16.1.0 0.0.0.255 
access-list 1 deny 172.16.2.@ 0.0.0.255 
access-list 1 deny 172.16.3.0 0.0.0.255 


Now the first statement allows all the coats only way to permit the aggr 
reject the specific routes is to use an extended IP access list, Normally, the second 
mask pair in an extended IP access list signifies the destination address and m : 
distribute list, the second address/mask pair indicates the mask size. Therefore, we ¢a 
the following: 


Router A a 
router bgp 1 


Verification 


By examining the BGP table on Router A, we can verify that the extended access li 
permitted only the aggregate address: 


rtrA#show ip bgp 

BGP table version is 2, local router ID is 172.17,1.1 
Status codes: s suppressed, d damped, h history, * valid, > best, i - intere 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
*> 172.16.0.0/22 1.1.1.2 @2i 
i 
Troubleshooting 
1 Verify that the BGP neighbors are in the Established state using the show ip P| 
neighbors command, 


If the neighbor relationship is not in the Established state, see section ‘8-230 


2 Verify that the advertising router has the routes in the BGP table using them 
bgp command, If the routes are not in the BGP table, see sections 9-1 and 9 
proper use of the network command. 
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3 Verify that the routes are in the receiving router’s BGP table. If they are not, check the 
syntax of the access list associated with the distribute list. 


4 If the routes are not in the BGP table on Router A, and you are sure that there are no 
errors in the configuration for Router B, clear and restart the BGP connection using 
clear ip bgp * is command 
clears all BGP connections. To clear a particular neighbor, use the neighbor's IP 
address in place of the *. After clearing the connection, you can monitor the BGP 
route exchange using debug ip bgp updates, which should produce output similar to 
the following for the first configuration: 


rtrA#debug ip bgp updates 

6d15h: BGP: 10.1.1.2 rcv UPDATE w/ attr: nexthop 10.1.1.2, origin i, metric ®, path 2 
6d15h; BGP: 10.1.1.2 rev UPDATE about 172.16.0.0/24 

6d15h: BGP: 10.1.1.2 rev UPDATE about 172,16.1.0/24 


6d15h: BGP: 10.1.1.2 rcv UPDATE about 172.16.3.0/24 


For the second configuration, the debug output will be similar to this: 


rtr A#debug ip bgp updates 
6d15h: BGP: 10.1.1.2 rev UPDATE w/ attr: nexthop 10.1.1.2, origin i, metric @, path 2 


6d15h: BGP: 10.1.1.2 rcv UPDATE about 172,16,2.0/24 


‘7: neighbor {ip-address | peer-group-name} distribute- 
{ip-access-list-number-or-name | prefix-list-name} out 


Syntax Description: 
* — ip-address—Neighbor’s IP address. 
° — peer-group-name—Name of the peer group. See section 8-19. 
° — ip-access-list-number-or-name—Standard, extended, or named IP access list 
number. 
e 


prefix-list-name—Name of an IP prefix list. See sections 8-21 and 8-22. 


Purpose: To filter outgoing route updates to a particular BGP neighbor. Only one distribute 
list can be used per neighbor. The operation of the output distribute list is identical for both 
IBGP and EBGP neighbors. 
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Cisco IOS Software Release: 10.0. Peer group support was added in Release 11.0, s 
for named access lists was added in Release 11.2, and prefix list support was addeg 
Release 12.0. a 


Configuration Example 1: Block a Particular Route | 


In Figure 8-9, Router B is advertising four network prefixes to Router A. Router B 
the route update to Router A in order to reject the 172.16.2.0 network. Loopbacks a 
on Router B to simulate the advertised networks, as shown in the following config 


Figure 8-9 Scenario for the Use of the neighbor distribute-list out Command 


BGP route update 
5 4 172.16.0.0/24 
utput distribute list 172.16.1.0/24 
Block 172.16.2.0 ~ 172.16.2.0/24 
172.16.3.0/24 


172.16.0.0/24 
172.16.1.0/24 


172.16.2,0/24 
172.16,3,0/24 


Router A 

t 

interface Serial@ ' 
ip address 10.1.1.1 255.255.255.252 , 
! 

router bgp 1 

neighbor 10.1.1.2 remote-as 2 
Router 6 

ip subnet-zero 

1 

interface Loopback® 

ip address 172.16.0.1 255.255.255.8@ 
! 

interface Loopback1 

ip address 172.16.1.1 255.255.255.0 
I 
interface Loopback2 

ip address 172.16.2.1 255.255.255.9 
! 
interface Loopback3 

ip address 172.16.3.1 255.255.255.0 
! 
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(Continued) 
interface Seriald 

ip address 10.1.1.2 255.255.255.252 
clockrate 64000 

! 

router bgp 2 

network 172.16.0.0 mask 255.255.255.0 
network 172.16.1.@ mask 255.255.255.0 
network 172.16.2.0 mask 255.255.255.0 
network 172.16.3.0 mask 255.255.255.0 


neighbor 10.1.1.1 remote-as 1 


Before proceeding to the distribute list example, verify that Router A is receiving the routes 
from Router B: 


rtrA#show ip bgp 

BGP table version is 5, local router ID is 172.17.1.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Metric LocPrf Weigh 
172.16.0.0/24 ite t) 
172.16.1,0/24 ® 
172.16.2.0/24 ts 0 
172.16.3.0/24 i) 


t Path 
@2 
@2 
@2 
@2 


Modify the BGP configuration on Router B to filter the 172.16.2.0 prefix that is being sent 
on Router A: 
Router B 


router bgp 2 
neighbor 10.1.1.1 remote-as 2 


The distribute list always references an IP access list. For this example, the access list number 
is 1, The first statement in access list | rejects the 172.16.2.0/24 network. The second line in 
the access list is necessary because there is an implicit deny any at the end of every IP access 
list. Without the permit any statement, all routes to Router A would be rejected. 


Cation 


Verify that Router B is using the access list: 


rtrB#show ip bgp n 
BGP neighbor is 10.1.1.1, remote AS 1, external link 
Index 1, Offset @, Mask 0x2 
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(Continued) 
BGP version 4, remote router ID 172.17,1.1 
BGP state = Established, table version = 6, up for 90:00:25 
Last read 00:00:25, hold time is 180, keepalive interval is 60 seconds 
Minimum time between advertisement runs is 30 seconds 
Received 47 messages, 3 notifications, @ in queue 
Sent 63 messages, ® notifications, ® in queue 
Prefix advertised 32, suppressed ®, withdrawn 1 


Connections established 7; dropped 6 

Last reset 00:00:50, due to User reset 

@ accepted prefixes consume ® bytes 

® history paths consume @ bytes . 
Connection state is ESTAB, 1/0 status: 1, unread input bytes: @ 
Local host: 10.1.1.2, Local port: 11054 
Foreign host: 10.1.1.1, Foreign port: 179 


Check the BGP routing table on Router A to ensure that the 172.16.2.0/24 networkh 
filtered: 


rtrA#show ip bgp 

BGP table version is 4, local router ID is 172.17.1.1 
Status codes: s suppressed, d damped, h history, * valid, > best, i - intern 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
*> 172.16.0.0/24 10,.1.1.2 Q @2i 
*> 172,.16.1.0/24 10.1.1.2 1) @2i 
*> 172.16.3.0/24 10.1.1.2 Q @2i 


Configuration Example 2: Allow a Particular Route and Block All O 
For this example, we will allow network 172.16.2.0/24 and block all other route 
advertisements to Router A. The access list required on Router B is 

access-list 1 permit 172.16.2.0 0.0.0.255 
The BGP router configuration on Router B remains unchanged. Because there is al i 


deny any at the end of every access list, we will let this implicit statement block th 
remaining routes. 


Verification | 
As in the previous example, check the BGP table on Router A to verify that 6 aly 
172.16.2.0/24 is in the BGP table: 


rtrA#show ip bgp 

BGP table version is 2, local router ID is 172.17.1.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - 
Origin codes: i - IGP, e - EGP, ? - incomplete 
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(Continued) 


Network Next Hop Metric LocPrf Weight Path 
*> 172.16.2.0/24 10.1.1.2 e ®@2I 


onfiguration Example 3: Allow an Aggregate Route and Block the 
lore-Specific Routes 
Assume that Router B is advertising an aggregate advertisement for 172.16.0.0/22 and the 


four more-specific routes 172.16.0.0/24, 172.16.1.0/24, 172.16.2.0/24, and 172.16.3.0/24. 
The BGP configuration for Router B would become 

router bgp 2 

network 172.16.0.0 mask 255.255.255.0 

network 172.16.1.@ mask 255.255.255.0 


network 172.16.2.8 mask 255.255.255.0 
network 172.16.3.0 mask 255.255.255.0 


neighbor 10.1.1.1 remote-as 1 


The BGP table on Router A would contain 


rtrA#show ip bgp 
BGP table version is 5, local router ID is 172.17.1.1 
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 

Network Metric LocPrf Weight Path 
*> 172.16.0.0/24 PS ea ie 4) 
*> 172.16.1.0/24 Ved. ) 
“> 172.16.2.0/24 AS 1S Tr 1) 
*> 172,16.3.0/24 Q 


c 
®@2 
®2 
@2 
@2 


t 
RE 
i 
i 
i 


If we want to allow only the aggregate route and block the more-specific routes, a standard 
IP access won't work. To allow the aggregate using a standard IP access list while blocking 
the more-specific routes, we could try the following access list: 


access-list 1 deny 172.16.0.0 0.0.0.255 
access-list 1 deny 172.16.1.0 @.0.0.255 
access-list 1 deny 172.16.2.@ 0.0.0.255 
access-list 1 deny 172.16.3.@ 0.0.0.255 
access-list 1 permit 172.16.0.0 0.0.255.255 
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Unfortunately, the first statement also blocks the aggregate route. If we rearrange th 
statements, we could try this: 


access-list 1 permit 172.16.0. 
access-list 1 deny 172.16.8. 


6.0 -®@.255.255. 

0.0 
access-list 1 deny 172.16.1.90 

2.0 

3.0 


-@.8.255 
-®.0.255 
-@.0.255 
-®.255 


access-list 1 deny 172.16.2. 


80 
®.0 
®.0 
0.0 
access-list 1 deny 172.16.3.9 9.0 


Now the first statement allows all the routes. The only way to permit the aggregate 
reject the specific routes is to use an extended IP access list. Normally, the second ad, 
mask pair in an extended IP access list signifies the destination address and mask. Fe 
distribute list, the second address/mask pair indicates the mask size. Therefore, we eg 
this: 


Router B 7 
router bgp 2 


Verification 


By examining the BGP table on Router A, we can verify that the extended access lis 
permitted only the aggregate address. 


rtrA#show ip bgp 

BGP table version is 2, local router ID is 172.17.1.1 
Status codes: s suppressed, d damped, h history, * valid, > best, i - interna 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
*> 172.16.0.0/22 10.1.1.2 @2i 
Troubleshooting 


1 Verify that the BGP neighbors are in the Established state using the show ip b 
neighbors command. . 
If the neighbor relationship is not in the Established state, see section 8-23. 


2 Verify that the advertising router has the routes in the BGP table using the Sh@ 
bgp command. If the routes are not in the BGP table, see sections 9-1 and 9-2 
proper use of the network command. 


3 Verify that the routes are in the receiving router’s BGP table. If they are not, che 
syntax of the access list associated with the distribute list. 
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4 If the routes are not in the BGP table on Router A, and you are sure that there are no 
errors in the configuration for Router B, clear and restart the BGP connection using 
clear ip bgp *, This command can be used on either Router A or B. This command 
clears all BGP connections. To clear a particular neighbor, use the neighbor’s IP 
address in place of the *. After clearing the connection, you can monitor the BGP 
route exchange using debug ip bgp updates, which should produce output similar to 
the following for the first configuration: 


6di5n: BGP: 10.1.1.1 computing updates, neighbor version 1, table version 5, 
starting at 0.0.0.0 

6di5h: BGP: 10.1.1.1 send UPDATE 172.16.0.0/24, next 10.1.1.2, metric @, path 2 
6d15h: BGP: 10.1.1.1 send UPDATE 172.16.1.0/24 (chgflags: @x8), next 10.1.1.2, path 
(before routemap/aspath update) 

6d15h: BGP: 10.1.1.1 send UPDATE 172.16.3.0/24 (chgflags: @x8), next 10.1.1.2, path 
(before routemap/aspath update) 


For the second configuration, the debug output will be similar to this: 


6d15h: BGP: 1@.1.1.1 computing updates, neighbor version 1, table version 5, 
starting at 0.0.0.0 
6d15h: BGP: 10.1.1.1 send UPDATE 172.16.2.0/24, mext 10.1.1.2, metric 0, path 2 


8-9: neighbor {ip-address | peer-group-name} ebgp- 
‘multihop maximum-hop-count 
Syntax Description: 
© = ip-address—Neighbor’s IP address. 
©  peer-group-name—Name of the peer group. See section 8-19. 


© — maximum-hop-count—Optional parameter with a value of | to 255. The default hop 
count is 255. 


Purpose: EBGP neighbors are typically directly connected. In situations in which EBGP 
neighbors are not directly connected, the ebgp-multihop option must be used in order to 
form a neighbor relationship. 


Cisco IOS Software Release: 10.0. Peer group support was added in Release 11.0. 


150 Chapter 8: Neighbor Configuration 


Configuration Example: Nonconnected EBGP Neighbors 


Figure 8-10 shows a situation in which we are trying to establish an EBGP connectie 
between two routers that are not oer connected. A 


; tablish the c on. On aNowerA, ‘the default ita count of 255i is rr 
Router C,: a maximum ThSp count of 2 is used. A maximum hop count of | is inte 
directly connected and therefore has no effect. 


Figure 8-10 ebgp-multihop /s Used to Form an EBGP Connection Between Peers That Are Not Directly 
Connected " 


510.1.2.4 10.1.2.2 


Not BGP capable 


Router A 
router bgp 1 


remote-as 2 


Verification 


Verification is the same as with directly connected EBGP neighbors. Use the she 
neighbors command to verify that the relationship has been established: 


rtrA#show ip bgp neighbors 
BGP neighbor is 10.1.2.2, remote AS 2, external link 
Index 1, Offset @, Mask x2 
BGP version 4, remote router ID 172.17.1.2 
BGP state = Established, table version = 1, up for 08:07:52 
Last read 00:00:52, hold time is 180, keepalive interval is 60 seconds 
Minimum time between advertisement runs is 30 seconds 
Received 10 messages, @ notifications, @ in queue 
Sent 10 messages, ® notifications, ® in queue 
Prefix advertised @, suppressed ®, withdrawn ® 
Connections established 1; dropped @ 
Last reset never 
@ accepted prefixes consume ® bytes 
® history paths consume ® bytes 
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(Continued) 


Connection state is ESTAB, I/O status: 1, unread input bytes: 0 
Local host: 10.1.1.1, Local port: 179 
Foreign host: 10.1.2.2, Foreign port: 11048 


r show ip bgp neighb 
BGP neighbor is 1.1.1.1, remote AS 1, external link 
Index 1, Offset @, Mask @x2 
BGP version 4, remote router ID 172.17.1.1 
BGP state = Established, table version = 1, up for 00:02:01 
Last read 00:00:01, hold time is 180, keepalive interval is 60 seconds 
Minimum time between advertisement runs is 30 seconds 
Received 20 messages, @ notifications, @ in queue 
Sent 2@ messages, @ notifications, ® in queues 
Prefix advertised ®, suppressed 0, withdrawn @ 
Connections established 2; dropped 1 
Last reset 00:03:37, due to User reset 
@ accepted prefixes consume ® bytes 
®@ history paths consume @ bytes 


Connection state is ESTAB, I/0 status: 1, unread input bytes: 0 
Local host: 10.1.2.2, Local port: 179 
Foreign host: 10.1.1.1, Foreign port: 11011 


2 If the ping is successful, ensure that you are using the correct neighbor IP address, 
remote AS number, and hop count in the respective BGP configurations. 


$-path-list-number in 
Syntax Description: 
* — ip-address—Neighbor's IP address. 


* — peer-group-name—Name of the peer group. See section 8-19. 


* — as-path-list-number—IP AS path list number. 


of the input filter list is identical for 


Cisco IOS Software Release: 10.0. Peer group support was added in Release 11.0. 
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Configuration Example 1: Block Routes Originating from a 
Particular AS 
In Figure 8-11, Routers B and C are advertising four network prefixes. Router A filte 
route update from Router B in order to reject networks originating from AS 3. The 


listed in the AS path list is the originating AS. Loopbacks are used on Routers B ang 
simulate the advertised networks, as shown in the configuration. ' 


Figure 8-11 Scenario for the Use of the neighbor filter-list in Command 


Input AS path filter 


BGP route update 
172.16.0.0/24 
172.16.1.0/24 
172.16.2.0/24 
172.16.3.0/24 


BGP route update 


198.16.0.0/24 
198.16.1.0/24 
198.16.2.0/24 
198.16.3.0/24 


Router A 
interface Serial@ 

ip address 10.1.1.1 255.255.255.252 
! 

router bgp 1 

neighbor 10.1.1.2 remote-as 2 
Router & 

ip subnet-zero 

| 

interface Loopback® 

ip address 172.16.0.1 255.255.255.0 
! 

interface Loopback1 

ip address 172.16.1.1 255.255.255.0 
! 

interface Loopback2 

ip address 172.16.2.1 255.255.255.0 
! 

interface Loopback3 

ip address 172.16.3.1 255.255.255.@ 
! 


8-10: neighbor {ip-address | peer-group-name} filter-list as-path-list-number in 153 


(Continued) 
interface Serial@ 
ip address 10.1.1.2 255.255.255.252 

clockrate 64000 

! 

router bgp 2 

network 172.16.0.@ mask 255.255.255.0 
network 172.16.1.0 mask 255.255,255.0 
network 172.16.2.8 mask 255.255.255.0 
network 172.16.3.0 mask 255.255.255.0 
neighbor 10.1.1.1 remote-as 1 
neighbor 10.1.2.2 remote-as 3 


ip subnet-zero 
! 
interface Loopback® 
ip address 198.16.0.1 255.255.255.0 


interface Loopback1 

ip address 198.16.1.1 255.255.255.0 
! 
interface Loopback2 

ip address 198.16.2.1 255.255.255.0 
{ 

interface Loopback3 

ip address 198.16.3.1 255.255.255.0 
t 

interface Seriald 

ip address 10.1.2.2 255.255.255.252 
! 
router bgp 3 

network 198.16.0.@ 

network 198.16.1.0 

network 198.16.2.0 

network 198.16.3.0 

neighbor 10.1.2.1 remote-as 2 


Before proceeding to the filter list example, verify that BGP is propagating the routes: 


rtrAfshow ip bgp 
BGP table version is 22, local router ID is 172.17.1.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
*> 172.16.0.0/24 10.1.14.2 ts) @2i 
*> 172.16.1.0/24 10,1.14.2 i] @2i 
*> 172.16.2.0/24 +O; tells Q @2i 
*> 172.16.3.0/24 10.1.1.2 1) @2i 
*> 198.16.0.2 10.1.1.2 @23i 
*> 198.16.1.0 10.1.1.2 @23i 
*> 198.16.2.0 10.1.1.2 e23i 
*> 198.16.3.0 10.1.1.2 @23i 
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gp 
BGP table version is 9, local router ID is 172.16.3.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 

*> 172.16.0.0/24 2.2.0.0 ® 32768 i 
*> 172.16.1.0/24 @.2.0.0 i) 32768 i 
"> 172.16.2.0/24 8.0.0.0 Q 32768 i 
*> 172.16.3.0/24 0.0.0.0 @ 32768 i 
*> 198.16.0.8 10.1.2.2 Q ®3 
*> 198.16.1.0 10.1.2.2 vi) 03 
*> 198.16.2.0 10.4.2.2 e 23 

16.3.0 10.1.2.2 ti) 03 


198. 
iS 

BGP table version is 18, local router ID is 198.16.3.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - 

Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
"> 172.16.0.0/24 SI Jee aa Q @2i 
*> 172,.16.1.0/24 10.1,.2.1 e @2i 
*> 172.16.2.0/24 10.1.2.1 4) @2i 
“> 172.16.3.0/24 10.1.2.4 a ®@2i 
“> 198.16.0.0 0.0.9.0 i) 32768 i 
"> 198.16.1.0 6.0.0.0 @ 32768 i 
*> 198.16.2.0 2.2.0.0 ] 32768 i 
198.16.3.8 ®.0.0.9 i) i 


Notice the AS path information contained in the BGP tables of the three routers. e 
router sends an update to another router in a different AS, the advertising router p 
its AS number to the update. This information is used to filter the updates. For this 


routes that originate in AS 3. We can identify the routes originating in AS 3 by look 
the last AS number in the AS path information. If the last AS number is 3, these 
originated in AS 3. We don’t care how many AS numbers are listed in the path as 
the last AS number is 3. 


In order to filter routes based on AS path information, we need to use an AS path: ilte 
in conjunction with the BGP filter-list command. An AS path filter utilizes regular 
expressions to match patterns in the AS path list. Refer to Appendix B for a disc 
regular expressions, The regular expression used to match any prefix originating M10 
3 is _3$. Two of the characters that an underscore matches are a space and the begia 
of-string character, There is always a space between the AS numbers listed in an 
The 3$ must match a 3 and then the end-of-string character. So, the regular expr 
matches any path originating from AS 3, regardless of the length of the AS path. Nt 
modify the BGP configuration on Router A to filter routes originating in AS 3: 
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Router A 
router bgp 1 


neighbor 10.1.1.2 remote-as 2 


The filter list always references an IP AS path access list. For this example, the AS path 
access list number is 1, The first statement in access list 1 rejects any routes originating in 
AS 3. The second line in the AS path access list is necessary because there is an implicit 
deny any at the end of every AS path access list. Without the permit .* statement, all routes 
from Router B would be rejected. 


erification 
Verify that the routes originating in AS 3 are being blocked on Router A: 


rtrA#show ip bgp 

BGP table version is 5, local router ID is 172.17.1.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Metric LocPrf Weigh 
172.16.0.0/24 10.1.1. () 
172.16.1.0/24 10.1.1. U1) 
172.16.2.0/24 10.1.1. @ 
172.16.3.0/24 ) 


Configuration Example 2: Block Routes Originating in AS 3 But 
Allow Routes That Pass Through AS 3 
Remove the AS path filter on Router A using the no form of the filter-list command: 


Router A 
router bgp 1 
no neighbor 10.1.1.2 filter-list 1 in 


For this example, we will modify the AS path information associated with networks 
198.16.0.0/24 and 198.16.1.0/24. The modification makes these routes look like they 
originated in AS 4. This is accomplished by using a route map on Router C. 


Router C 


router bgp 3 
network 198.16 
network 198.16. 
network 198.16, 


-8.8 
1.0 
2.8 
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(Continued) 
network 198.16.3.0 
neighbor 10.1.2.1 remote-as 2 


fa 
access-list 1 permit 198.16.0.0 @.0.1.255 
route-map adjust permit 10 
match ip address 1 

set as-path prepend 4 

! 

route-map adjust permit 20 


The route map on Router C prepends AS number 4 onto the 198.16.0.0/24 and 1 
24 prefixes in order to demonstrate the AS path filter used in this example. Before it 
the new AS path filter on Router A, check the BGP tables on Routers A and B tos 
AS path information has been modified: 


rtrBeshow ip bgp 
BGP table version is 3@, local router ID is 172.16.3.1 
Status codes: s suppressed, d damped, h history, * valid, > best, i - interr 
Origin codes: i - IGP, e - EGP, 7? - incomplete 


Network Next Hop Metric LocPrf Weight Path 


*> 172.16.0,0/24 @.0.0.0 ® 32768 i 
"> 172.16.1.0/24 %.9.0.8 ® 32768 i 
*> 172.16.2.0/24 0.9.9.9 Q 32768 i 

0.0.0.0 1) i 


172.16.3.0/24 
"> 198.16.2.0 10.1.2. 
*> 198.16.3.0 10.1.2.2 
rtrArsnow ip bgp 
BGP table version is 9, local router ID is 172.17.1.1 


Status codes: s suppressed, d damped, h history, * valid, > best, i -. 
Origin codes; i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 

*> 172.16.0.8/24 10.1.1.2 4) 92i 
*> 172.16.1.0/24 10.4.1.2 @ 
*> 172.16.2.0/24 10.1.1.2 ® 
1.2 1) 


172.16.3.0/24 10.1.1. 


198.16.2.0 
198.16.3.0 


The AS path filter that we will use is the same one used in Configuration Examy 

demonstrates that the filter blocks only routes originating in AS 3 but allows ro 
have passed through AS 3. Of course, all the 198.16.x.x routes originated in AS 3y 
Routers A and B now think that two of the routes originated in AS 4: 
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Router A 
router bgp 1 
neighbor 10.1.1.2 remote-as 2 


erification 
As in the previous example, check the BGP table on Router A to verify that only the 
networks whose AS path information ends in 3 are being blocked: 

rtrA#show ip bgp 

BGP table version is 7, local router ID is 172.17.1.1 


Status codes: $ suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, 7 - incomplete 


Network Metric LocPrf Weigh 


172.16.0.0/24 w Vets a 
172.16.1.0/24 a 
172.16.2.0/24 @ 
172.16.3.0/24 4] 
198.16.0.0 
198.16.2%0 


Sonfiguration Example 3: Block All Routes Containing AS Path 
Number 3 


For this configuration example, we want to block any route whose AS path contains a 3. 
Remove the AS path list on Router A using the no form of the command: 


Router A 

router bgp 1 

no neighbor 1@.1.1.2 filter-list 1 in 
! 

no ip as-path acess-list 1 


Because we have changed a neighbor policy. we need to use the clear ip bgp * command 
in order for the new policy to take effect. The BGP table on Router A should again contain 
all the routes being advertised by Router B: 


rtrA#show ip bgp 
BGP table version is S$, local router ID is 172.17.1.1 


Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


continues 


158 Chapter 8: Neighbor Configuration 


Verification 


(Continued) 
Network Next Hop Metric LocPrf Weight Path 
*> 172.16.0.0/24 10.1.1.2 @ ®2 
*> 172.16.1.0/24 10.1.1.2 0) @2 
*> 172.16.2.0/24 10.1.1.2 i) 02 
*> 172.16.3.0/24 whee Q ®@2 


The filter we want to use for this example should match any AS path containing a 3, 
patterns will match a 3 anywhere in the AS path: 


beginning of string>3<space> 
beginning of string>3<end of string> 
<space>3<end of string> 


Because an underscore matches a space, beginning of string, or end of string, we cat 
the regular expression _3_ to match all four patterns. Configure the AS path filter list 
Router A: 
Router A 


router bgp 1 
neighbor 10.1.1.2 remote-as 2 


Check the BGP table on Router A to verify that any route containing a 3 in the AS pai | 
been blocked: 


rtrA#show ip bgp 
BGP table version is 5, local router ID is 172.17.1.1 J 
Status codes: s suppressed, d damped, h history, * valid, > best, i - interna 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
*> 172.16.0.0/24 10.1.1.2 ts) 
*> 172.16.1.0/24 10.1.1.2 ® 
*> 172.16.2.0/24 10.1.1.2 i) 

172.16.3.0/24 Tit<2 ) 
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nfiguration Example 4: Block All Routes Originating from a 


tly Connected EBGP Neighbor 
Routes originating from a directly connected EBGP neighbor contain one AS number in the 
AS path. The form of the AS path is 


<beginning of string>AS number<end of string> 
The regular expression that matches routes from a directly connected EBGP neighbor is 


~AS-numberS Fo this example, WRUSERMeristOnROUerA to block Tones cnginsingy 
GA Cote the following filter on Router A. Remember to remove any existing 
p 


ath filters: 


Router A 
router bgp 1 
neighbor 10.1.1.2 remote-as 2 


erification 

Before you apply the filter, the BGP table on Router A should contain the routes from AS 2: 
rtrA#show ip bgp 
BGP table version is 9, local router ID is 172.17.1.1 


Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LooPrf Weight Path 


After you apply the AS path filter, the routes originated by AS 2 should be gone: 


rtrA#show ip bgp 
BGP table version is 9, local router ID is 172.17.1.1 


Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


continues 
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Troubleshooting 


(Continued) 

Network Next Hop Metric LocPrf Weight Path 
*> 198.16.0.0 10.1.1.2 @234i 
*> 198.16.1.0 1014.2 @23 4i 
*> 198.16.2.0 10.1.1.2 @2si 
*> 198.16.3.0 10.1.1.2 023i 


1 Verify that the BGP neighbors are in the Established state using the show ip bg 


neighbors command. 


If the neighbor relationship is not in the Established state, see section 8-23, 
2 Verify that the routes to be filtered are being advertised using the show ip bgp 
command. ; 


3 Insome cases, there might not be any routes to filter. Your filter might be used to] 
future advertisements from a particular AS. In this case, the routes will not 
BGP table. 


4 If routes that you think should be filtered are showing up in the BGP table, c 7 2¢ 
syntax of your AS path filter and your regular expressions. You can check the 
operation of the filters by debugging the BGP updates. For the third ep 
debug output would be similar to this: 


Router A 


6d16h: BGP: CFerkvs UPDATE w/ attr: nexthop 10.1.1.2, origin 

path 2 
6d16h: BGP: 10.1.1. 
6d16h: BGP: 10. 
6d16h: BGP: 10. 
6d16h: BGP: 10. 
6d16h: BGP: 


rev UPDATE about 172.16.0.0/24 
rev UPDATE about 172.16.1.0/24 
UPDATE about 172.16.2.0/24 
rcv UPDATE about 172.16.3.0/24 
UPDATE w/ attr: nexthop 10.1.1.2, origin 


Ee AW 
Se ob CTE 
pwn hprhy 

2 

Oo 

< 


. the debug output would be similar to this: 


UPDATE w/ attr: nexthop 10.1.1.2, origin 
rev UPDATE about 198.16.2.0/24 
rcv UPDATE about 198.16.3.0/24 
rcv UPDATE w/ attr: nexthop 10.1.1.2, origin i, 


6d16h; BGP: 10. 
6d16h: BGP: 10. 
6d16h: BGP: 10.1. 


ypu WL 


- 

> as at 
a "(8c Be 

SS a 
. 


UPDATE w/ attr: nexthop 10.1.1.2, origin 
rcv UPDATE about 198.16.0.0/24 
UPDATE about 198.16.1.0/24 
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3.41: neighbor {ip-address | peer-group-name} filter-list 
as-path-list-number out 
Syntax Description: 

© — ip-address—Neighbor’s IP address. 

© — peer-group-name—Name of the peer group. See section 8-19. 

© — as-path-list-number—IP AS path list number. 


Purpose: To filter outgoing route updates to a particular BGP neighbor. Filtering is based 
on AS path information. Only one filter list can be used per neighbor. The operation of the 
output filter list is identical for both IBGP and EBGP neighbors. 


Cisco IOS Software Release: |0.0. Peer group support was added in Release 11.0. 


Configuration Example 1: Block Routes Originating from a 
Particular AS 

In Figure 8-12, Routers B and C are advertising four network prefixes. Router B filters the 
route update to Router A in order to reject networks originating from AS 3. The last AS 


listed in the AS path list is the originating AS. Loopbacks are used on Routers B and C to 
simulate the advertised networks, as shown in the configuration. 


Fig ure 8-12 Scenario for the Use of the neighbor filter-list out Conunand 


Output AS path filter) <—— BGP route update 


172.16.0.0/24 
172.16.1.0/24 
172.16.2.0/24 


198.16.0.0/24 
198.16.1.0/24 


Router A 

interface Serial® 

ip address 10.1.1.1 255.255.255.252 
! 


continues 
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(Continued) 
router bgp 1 
neighbor 10.1.1.2 remote-as 2 
Houter B 
ip subnet-zero 
! 
interface Loopback® 


ip address 172.16.0.1 255.255.255.0 
! 


interface Loopback1 

ip address 172.16.1.1 255.255.255.@ 
! 

interface Loopback2 

ip address 172.16.2.1 255.255.255.080 
! 

interface Loopback3 

ip address 172.16.3.1 255.255.255.080 
' 
interface Serial® 

ip address 16.1.1.2 255.255.255.252 
clockrate 64000 

! 
router bap 2 
network 172.1 


6 mask 255.255.255.0 
network 172.16 
6 


9.0 

1.@ mask 255,255.255.8 
network 172.16.2.0 mask 255.255.255.0 
network 172.16.3.@ mask 255.255.255.0 
neighbor 1@.1.1.1 remote-as 1 
neighbor 10.1.2.2 remote-as 3 


ip subnet-zero 
I 

interface Loopback 

ip address 198.16.0.1 255.255.255.0 
! 

interface Loopbacki 

ip address 198.16.1.1 255.255.255.0 
$ 

interface Loopback2 

ip address 198.16.2.1 255.255.255.@ 
! 

interface Loopback3 

ip address 198.16.3.1 255.255.255.8 
! 
interface Serialé@ 

ip address 10.1.2.2 255.255.255.252 
! 
router bgp 3 
network 198.16 
network 198.16. 
network 198.16 


9.8 
1.0 
+2. 
network 198.16.3.0 
neighbor 18.1.2.1 remote-as 2 
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Before proceeding to the filter list example, verify that BGP is propagating the routes:. 


rtrA#show ip bgp 

BGP table version is 22, local router ID is 172.17.1.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Ho Metric LocPrf Weight Path 
172.16.0, 10. ® ®@2 
F 172.16.1. 1. 


@ 

ts} 

172.16.3. 10. i) 
-16.0. 10.1. 
16.1. 10.1. 
-16.2, 10.1. 
10.1. 


1 
1 
172.16.2. 10.1. 
1 
1 


VNNMMNYN WL 


WO WOH he 


Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Metric LocPrf Weight Path 
172.16.0.0/24 -0.0. 1) 32768 
172.16.1.0/24 

172.16.2.0/24 

172.16.3.0/24 

198.16.0.0 

198.16.1.2 

198.16.2.@ 


16.3.0 
IF Pp 5gp 
BGP table version is 18, local router ID is 198.16.3.1 
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 


Origin codes: i - IGP, e - EGP, ? - incomplete 


WO WO WH Hh 


— 


Network Metric LocPrf Weight 
172.16.0.0/24 


172.16.1.0/24 
172.16.2.0/24 
172.16.3.0/24 
1198.16.06 

198.16.1 

198.16.2. 
198.16.3. 


esses coco sc 8S 


Notice the AS path information contained in the BGP tables of the three routers. Before a 
router sends an update to another router in a different AS, the advertising router prepends 
its AS number to the update. This information is used to filter the updates. For this example, 
we want to filter the route update that Router B is sending to Router A and block routes that 
originate in AS 3. We can identify the routes originating in AS 3 by looking at the last AS 
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Verification 


number in the AS path information. If the last AS number is 3, these routes originat 
AS 3. We don’t care how many AS numbers are listed in the path, as long as the ], 
number is 3. In order to filter routes based on AS path information, we need to us 
path filter in conjunction with the BGP filter-list command. An AS path filter utilize 
regular expressions to match patterns in the AS path list. Refer to Appendix B for 4 

discussion of regular expressions. The regular expression used to match any pre x 
originating from AS 3 is _3$. Two of the characters that an underscore matches 
and the beginning-of-string character. There is always a space between the AS n 
listed in an AS path, The 3$ must match a 3 and then the end-of-string characte; 
regular expression _3$ matches any path originating from AS 3, regardless of the 
the AS path. Now modify the BGP configuration on Router B to filter routes orig 
AS 3: 


Router B 
router bgp 2 

neighbor 10.1.1.1 remote-as 1 
neighbor 10.1.2.2 remote-as 3 
neighbor 10.1.1.1 filter-list 1 out 


! 
ip as-path access-list 1 deny 3S 
ip as-path access-list 1 permit .* 


The filter list always references an IP AS path access list. For this example, the AS) 
access list number is 1. The first statement in access list | rejects any routes origi 
AS 3. The second line in the AS path access list is necessary because there is ant 
deny any at the end of every AS path access list. Without the permit .* statement, a 


from Router B would be rejected. 


Verify that the routes originating in AS 3 are being blocked on Router A: 


rtrA#show ip bgp 
BGP table version is 5, local router ID is 172.17.1.1 , 
Status codes: s suppressed, d damped, h history, * valid, > best, i - inter 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
*> 172.16.0.0/24 10.1.1.2 @ @2i 
*> 172.16.1.0/24 10.1.1.2 Q i 
*> 172.16.2.0/24 10.1.1.2 ® 

172.16.3.0/24 10.1.1.2 @ 
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ynfiguration Example 2: Block Routes Originating in AS 3 But 
low Routes That Pass Through AS 3 
Remove the AS path filter on Router B using the no form of the filter-list command: 


Router B 
router bgp 2 
no neighbor 10.1.1.1 filter-list 1 out 


For this example, we will modify the AS path information associated with networks 
198.16.0.0/24 and 198.16.1.0/24. This modification makes these routes look like they 
originated in AS 4. This is accomplished by using a route map on Router C: 


Router C 
router bgp 3 
network 198.16.0.0 
network 198.16.1.0 
6.2.0 
6.3.0 


network 198.1 
network 198.1 
neighbor 10.1.2.1 remote-as 2 


The route map on Router C prepends AS number 4 onto the 198.16.0.0/24 and 198.16.1.0/ 
24 prefixes in order to demonstrate the AS path filter used in this example. Before installing 

the new AS path filter on Router B, check the BGP tables on Routers A and B to see if the 

AS path information has been modified: 


rtrB#show ip bgp 

BGP table version is 30, local router ID is 172.16.3.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Metric LocPrf Weight Path 
172.16.0.0/24 -@.@. e 32768 i 
32768 i 


172.16.1,.0/24 -@,0. i} 
172.16.2.0/24 +0... @ 32768 i 
.} 


172.16.3.0/24 $2768 i 


continues 
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Verification 


(Coe) 


Pp og 
BGP table version is 9, local router ID is 172.17.1.1 
Status codes: s suppressed, d damped, h history, * valid, > best, i - intern, 
Origin codes: i - IGP, e - EGP, ? - incomplete mo 


Network Next Hop Metric LocPrf Weight Path 
*> 172.16.0.0/24 10.1.1.2 @ @2i 
*> 172.16.1.0/24 10.1.1.2 @ @21 
*> 172.16.2.0/24 10.1.1.2 1) @2i 
172.16.3.0/24 Tee @ 6 24 


The AS path filter that we will use is the same one used in Configuration Example ] 
demonstrates that the filter blocks only routes originating in AS 3 but allows rou 
have passed through AS 3. Of course, all the 198.16.x.x routes originated in AS. 
Routers A and B now think that two of the routes originated in AS 4: 


Router B 
router bgp 2 

neighbor 10.1.1.1 remote-as 1 
neighbor 10.1.2.2 remote-as 3 
neighbor 10.1.1.1 filter-list 1 out 
! 

ip as-path access-list 1 deny _3$ 
ip as-path access-list 1 permit .* 


As in the previous example, check the BGP table on Router A to verify that only th 
networks whose AS path information ends in 3 are being blocked: 


rtrA#@show ip bgp 
BGP table version is 7, local router ID is 172.17.1.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 


*> 172.16.0.0/24 10.1.1.2 @ @2i 

*> 172.16,1.0/24 10.1.1.2 vi) @2i 

*> 172.16.2.0/24 10.1.1.2 i) @2i 

*> 172,16,3.0/24 10.1.1,2 a 092i 

*> 198.16.0.0 10.1.1.2 @234i1 
198.16.2.0 10.4.1.2 @2341 
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nfiguration Example 3: Block All Routes Containing AS Path 
ymber 3 


For this configuration example, we want to block any route whose AS path contains a 3. 
Remove the AS path list on Router B using the no form of the command: 


Router B 
router bgp 2 
no neighbor 10.1.1.1 filter-list 1 out 


| 
no ip as-path acess-list 1 


The BGP table on Router A should again contain all the routes being advertised by Router B: 


rtrA#show ip bgp 

BGP table version is 9, local router ID is 172.17.1.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next 
172.16.0.0/24 10.1. 


Hop Metric LocPrf Weigh 
1 
172.16.1.0/24 10.1.1 
1 
1 


ath 
172.16.2.0/24 10.1.1. 


it 
@ 2 
@2 
@2 
172.16.3.0/24 10.1. @ 2 


t 
2 i 
4 1) i 
2 () i 
2 ) i 


The filter we want to use for this example should match any AS path containing a 3. Four 
patterns match a 3 anywhere in the AS path: 


<beginning of string>3<space> 
<beginning of string>3<end of string> 
<space>3<end of string> 
<space>3<space> 


Because an underscore matches a space, beginning of string, or end of string, we can use 
the regular expression _3_ to match all four patterns. Configure the AS path filter list on 
Router B: 


Router B 

router bgp 2 

neighbor 10.1.1.1 remote-as 1 
neighbor 10.1.2.2 remote-as 3 


neighbor 10.1.1.1 filter-list 1 out 
! 


ip as-path access-list 1 deny 3 
ip as-path access-list 1 permit .* 
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Verification j 
Check the BGP table on Router A to verify that any route containing a 3 in the AS pa 
been blocked: 2 pe 


rtrA#show ip bgp 

BGP table version is 5, local router ID is 172.17.1.1 
Status codes: s suppressed, d damped, h history, * valid, > best, i - interna 
Origin codes: i - IGP, e - EGP, ? - incomplete “5 


Network Next Hop Metric LocPrf Weight Path 
*> 172.16.0.0/24 10.1.1.2 i) @2i 
*> 172.16.1.0/24 10.1.1.2 ® ®@2i 
*> 172.16.2.0/24 10.1.1.2 i) ®@2i 
*> 172.16.3.0/24 10.1.1.2 ® @2i 


Configuration Example 4: Block All Routes Originating from a 
Directly Connected EBGP Neighbor 


Routes originating from a directly connected EBGP neighbor contain one AS numbe 
AS path. The form of the AS path is 


<beginning of string>AS number<end of string> 


The regular expression that matches routes from a directly connected EBGP ne 
4AS-number$. For this example, we use a filter list on Router A to block routes: 
from AS 2. Configure the following filter on Router B, remembering to remoye any & 
AS path filters: 


Router B 

router bgp 2 

neighbor 10.1.1.1 remote-as 1 
neighbor 10.1.2.2 remote-as 3 
neighbor 10.1.1.2 filter-list 1 out 
! 

ip as-path access-list 1 deny “2$ 
ip as-path access-list 1 permit .* 


Verification : 
Before you apply the filter, the BGP table on Router A should contain the routes 1 


rtrA#show ip bgp 

BGP table version is 9, local router ID is 172.17.1.1 _ 
Status codes: s suppressed, d damped, h history, * valid, > best, i - intef 
Origin codes: i - IGP, e - EGP, ? - incomplete 
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(Continued) 
Network Next Hop Metric LocPrf Weight Path 


rtrA#show ip bgp 

BGP table version is 9, local router ID is 172.17.1.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next He Metric LocPrf Weight 
10.4.1. ® 
10.1.1. ® 
10.1.4. @ 
10.1.1. 1) 


1 Verify that the BGP neighbors are in the Established state using the show ip bgp 
neighbors command. 


If the neighbor relationship is not in the Established state, see section 8-23. 


2 Verify that the routes to be filtered are being advertised using the show ip bgp 
command. 


3 In some cases, there might not be routes to filter. Your filter might be used to block 
future advertisements from a particular AS. In this case, the routes are not in the BGP 
table. 


4 If routes that you think should be filtered are showing up in the BGP table, check the 
syntax of your AS path filter and your regular expressions. You can check the 
operation of the filters by debugging the BGP updates. For the second example, the 
debug output would be similar to this: 


Router B 

6d17h: BGP: 10.1.1.1 send UPDATE 172.16.0.0/24, next 10.1.1.2, metric @, path 2 

6d17h: BGP: 10.1.1.1 send UPDATE 172.16.1.0/24 (chgflags: 0x0), next 10.1.1.2, 
path (before routemap/aspath update) 

6d17h: BGP: 10.1.1.1 send UPDATE 172.16.2,.0/24 (chgflags: @x®), next 10.1.1.2, 
path (before routemap/aspath update) 


continues 
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(Continued) 
6d17h: BGP: 10.1.1.1 send UPDATE 172.16.3.0/24 (chgflags: @x®), next 10. 1.4% 
path (before routemap/aspath update) i 
6d17h: BGP; 10.1.1.1 send UPDATE 198.16.2.0/24, next 10.1.1.2, metric a, 
path 23 4 
6d17h: BGP: 10.1.1.1 send UPDATE 198.16.3.0/24 (chgflags: Ox), next 10. 1.413 
path 3 4 (before routemap/aspath update). 1 


Notice that the preceding debug output doesn’t indicate routes that are blocked. B ¢ 
the routes you intended to block are not being sent in the update, the AS path filter 
working. If you see routes that you intended to block in the update, there is a prob ‘ 
the AS path filter. 


8-12: neighbor {ip-address | peer-group-name} filter-I 


as-path-list-number weight weight 
Syntax Description: 
© — ip-address—Neighbor’s IP address. 
© — peer-group-name—Name of the peer group. See section 8-19. 
© —as-path-list-number—IP AS path list number. 


* weight—1 to 65535. This value is applied to the weight attribute of incoming? 
matching the conditions in the AS path filter list. 


Purpose: Routes learned from BGP neighbors have the weight attribute set to 0. This 
of the filter-list command allows you to set the weight attribute of selected routes ree 
from a particular neighbor. This command applies only to incoming route updates. 
operation of the filter list is identical for both IBGP and EBGP neighbors. 


Cisco IOS Software Release: 10.0. Peer group support was added in Release 11.0.4 
weight keyword was removed in Release 12.1. 


Configuration Example: Set the Weight of Routes Originating fre 
Particular AS 


In Figure 8-13, Routers B and C are advertising four network prefixes. Router A 
the route update coming from Router B and sets the weight of networks original ing 
AS 3 to 850. The last AS listed in the AS path list is the originating AS. Loop s a 
on Routers B and C to simulate the advertised networks, as shown in the configu! 
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re 8-13 Scenario for the Use of the neighbor filter-list weight Command 


AS path filter to set BGP route update 
the weight 172.16.0.0/24 
- 172.16.1.0/24 
172.16.2.0/24 


198.16.0,0/24 
198.16.1,0/24 
198.16.2.0/24 
198.16.3.0/24 


Router A 
interface Seriald 

: ip address 10.1.1.1 255.255.255.252 
' 


router bgp 1 
neighbor 10.1.1.2 remote-as 2 
Router & 


ip subnet-zero 
1 


interface Loopback® 

ip address 172.16.0.1 255.255.255.0 

! 

interface Loopback! 

ip address 172.16.1.1 255.255.255.98 

! 
interface Loopback2 

ip address 172.16.2.1 255.255.255.90 

! 
interface Loopback3 

ip address 172.16.3.1 255.255.255.0 

! 
interface Serial® 

ip address 10.1.1.2 255.255.255.252 
Clockrate 64000 

! 
router bgp 2 

network 172.16.@.0 mask 255.255.255.0 
network 172.16.1.0 mask 255.255.255.0 
network 172.16.2.@ mask 255.255.255.9 
network 172.16.3.0 mask 255.255.255.0 
neighbor 10.1.1.1 remote-as 1 
neighbor 10,1.2.2 remote-as 3 
continues 
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(Continued) 


ip subnet-zero 
! 

interface Loopback® 

ip address 198.16.0.1 255.255.255.8 
t 

interface Loopback 

ip address 198.16.1.1 255.255.255.0 
! 

interface Loopback2 

ip address 198.16.2.1 255.255.255.8 
! 

interface Loopback3 

ip address 198.16.3.1 255.255.255.0 
{ 

interface Serial? 

ip address 10.1.2.2 255.255.255.252 
! 

router bgp 3 
network 198.16.9. 


6 
network 198.16. 
6 
6 


@.0 
1.0 
network 198.16.2.0 
network 198.16,.3.8 
neighbor 10.1.2.1 remote-as 2 


rtrA#show ip bgp 

BGP table version is 22, local router ID is 172.17.1.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - interna 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next 
172.16.0.0/24 10.1 
172.16.1. 10.1 
172.16.2. 10.1. 
172.16.3, 10.1. 
1 
1 
1 
1 


= 
ao 
a 


Metric LocPrf Weight 
a) 


4) 

@ 

4) 
198.16.9. 10. 
198.16.1. 10. 
198.16.2. 10. 
198.16. 10. 

PIrbAsnow 

BGP table version is 9, iocal router ID is 172.16.3.1 


Status codes: s suppressed, d damped, h history, * valid, > best, i - interna 
Origin codes: i - IGP, e - EGP, ? - incomplete 


DPMP NHN NY 
Sse 0 9 909 83 
NN NYONH HN LY 


Network Next Hop Metric LocPrf Weight Path 
*> 172,16.0,.0/24 9.0,0.0 0 32768 i 
*> 172.16.1.0/24 8.0.8.0 @ 32768 i 
*> 172.16.2.0/24 @.0.90.9 ® 32768 i 
*> 172.16.3.0/24 8.0.8.9 i) 32768 i 
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(Continued) 


rtrCc#show ip bgp 

BGP table version is 18, local router ID is 198.16.3.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Metric LocPrf Weight Path 
172.16.0,0/24 2 
172.16.1.0/24 2S 
172.16.2.0/24 whee 24 
172.16.3,0/24 «1.2, 2A 
198.16.0. i 
198.16,1. i 
198.16.2. i 
198.16.3. i 


Notice the AS path information contained in the BGP tables of the three routers. Before a 
router sends an update to another router in a different AS, the advertising router prepends 
its AS number to the update. This information is used to inspect the updates. For this 
example, we want to inspect the route update that Router B is sending to Router A and set 
the weight of routes that originate in AS 3 to 850. We can identify the routes originating in 
AS 3 by looking at the last AS number in the AS path information. If the last AS number is 
3, these routes originated in AS 3. We don’t care how many AS numbers are listed in the 
path, as long as the last AS number is 3. In order to set the weight of routes based on AS 
path information, we need to use an AS path filter in conjunction with the BGP filter-list 
command, An AS path filter utilizes regular expressions to match patterns in the AS path 
list. Refer to Appendix B for a discussion of regular expressions. The regular expression 
used to match any prefix originating from AS 3 is _3$. Two of the characters an underscore 
matches are a space and the beginning-of-string character. There is always a space between 
the AS numbers listed in an AS path. The 3$ must match a 3 and then the end-of-string 
character. So, the regular expression _3$ matches any path originating from AS 3, 
regardless of the length of the AS path. Now modify the BGP configuration on Router A to 
set the weight of routes originating in AS 3 to 850: 

Router A 


router bgp 1 
neighbor 10.1.1.2 remote-as 2 
1 


neighbor 10.1.1.2 filter-list 1 weight 850 
! 


ip as-path access-list 1 permit _3$ 
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: 
The filter list always references an IP AS path access list. For this example, the 4 AS] 


access list number is |. The first statement in access list 1 matches any routes ori: 
in AS 3 and allows their weights to be set to 850. 


Verification 
Verify that the routes originating in AS 3 have a weight of 850 on Router A: 


rtrA#show ip bgp 
BGP table version is 9, local router ID is 172.17.1.1 
Status codes: s suppressed, d damped, h history, * valid, > best, i - i 
Origin codes: i - IGP, e - EGP, 7? - incomplete 


Network Next 
*> 172.16.9.0/24 10.7.1. 


Ho 
1 
*> 172.16.1.0/24 10.1.1. 
1 
1 


Metric LocPrf Weight Path 
Q @2i 


] 
> 172.16.2.0/24 10.1. ) 
172,16,3,0/24 10.1.1. Q 


Troubleshooting 


1 Verify that the BGP neighbors are in the Established state using the show pbs 
neighbors command. 


If the neighbor relationship is not in the Established state, see section 8-23. 


2 Verify that the routes to be adjusted are being advertised using the show oe 
command. 


3 Insome cases, there might not be routes to adjust. Your filter might be used to a just 
advertisements from a particular AS. In this case. the routes will not be in the 


If routes that you think should be adjusted are showing up in the BGP table ss | 
weight of 0, check the syntax of your AS path filter and your regular expressi@ 


8-13: neighbor {ip-address | peer-group-name} 
maximum-prefix prefix-limit 


8-14: neighbor {/p-address | peer-group-name} 
maximum-prefix prefix-limit warning-only 
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3-15: neighbor {/p-address | peer-group-name} 
maximum-prefix prefix-limit threshold-value 


8-16: neighbor {/p-address | peer-group-name} 
maximum-prefix prefix-limit threshold-value warning-only 
{ Syntax Description: 

© = ip-address—Neighbor’s IP address. 

° — peer-group-name—Name of the peer group. See section 8-19. 

© — prefix-limit—1| to 4294967295, 

° — threshold-value—\ to 100 percent. If this isn’t explicitly set, the default value is 75 

percent. 


Purpose: To limit the number of prefixes learned from a specific neighbor. The threshold- 
value determines the value that causes the router to generate a warning. For example, if the 
prefix-limit is set to 1000 and the threshold-value is set to 75 percent, the router generates 
a warning when 751 prefixes are received from the neighbor. When the number of prefixes 
received from the neighbor exceeds the prefix-limit, the BGP connection between the 

neighbors is terminated. 


Cisco LOS Software Release: 11.3 


Configuration Example: Controlling the Maximum Prefixes Learned 
fom a BGP Neighbor 
The configuration shown in Figure 8-14 demonstrates the maximum-prefix commands. 
Router A is configured with a prefix-limit of 8. The nine loopback interfaces on Router B 
are used to generate the prefixes that are advertised to Router A. 
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Figure 8-14 Configuration Used to Demonstrate the maximum-prefix Commands 


172.16.1.0/24 
172.16.2.0/24 
172.16.3.0/24 
172.16,4.0/24 
172.16.5.0/24 
172.16.6.0/24 
172.16,7.0/24 
172.16,8.0/24 


Router A 

router bgp 1 

neighbor 10.1.1.2 remote-as 2 
neighbor 10.1.1.2 maximum-prefix 8 
Router B 
interface loopback 0 

ip address 172.16.0.1 255.255.255.0 
! 

interface loopback 1 

ip address 172.16.1.1 255.255.255.0 
! 

interface loopback 2 

ip address 172.16.2.1 255.255.255.90 
I 

interface loopback 3 

ip address 172.16.3.1 255.255.255.0 
| 

interface loopback 4 

ip address 172.16.4.1 255.255.255.0 
! 

interface loopback 5 

ip address 172.16.5.1 255.255.255.0 
! 

interface loopback 6 

ip address 172.16.6.1 255.255.255.080 
! 

interface loopback 7 

ip address 172.16.7.1 255.255.255.0 
! 

interface loopback 8 

ip address 172.16.8.1 255.255.255.080 
{ 

router bgp 2 

neighbor 10.1.1.1 remote-as 2 
network 172.16.0.0 mask 255.255.255.090 
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(Continued) 

network 172.16.1.0 mask 255.255.255.0 
network 172.16.2.0 mask 255.255.255.0 
network 172.16.3.0 mask 255.255.255.0 
network 172.16.4.0 mask 255.255.255.090 
network 172.16.5.@ mask 255.255.255.0 


For this initial configuration, the default threshold value of 75 percent is used on Router A. 
This should cause a warning on Router A when seven routes ([%75 percent of 8] + 1) are 
received from Router B. 


erification 


Verify the maximum-prefix parameters by using the show ip bgp neighbors command on 
Router A: 


rtrA#show ip bgp neighbors 

BGP neighbor is 10.1.1.2, remote AS 2, external link 

Index 1, Offset @, Mask @x2 
BGP version 4, remote router ID 10,1,1.2 
BGP state = Established, table version = 7, up for 00:53:07 
Last read 00:00:08, hold time is 180, keepalive interval is 6@ seconds 
Minimum time between advertisement runs is 30 seconds 
Received 375 messages, @ notifications, ® in queue 
Sent 343 messages, ® notifications, ® in queue 
Prefix advertised @, suppressed ®, withdrawn @ 

Connections established 20; dropped 19 
Last reset 00:53:28, due to User reset 


® history paths consume Q bytes 
Connection state is ESTAB, I/O status: 1, unread input bytes: @ 
Local host: 10.1.1.1, Local port: 11015 
Foreign host: 10.1.1.2, Foreign port: 179 


In order to test the maximum-prefix command, add a network statement to the BGP 
configuration on Router B. This will cause the number of received prefixes to exceed the 
threshold value of 75 percent: 


Router B 

router bgp 2 

neighbor 10.1.1.1 remote-as 2 
network 172.16.0.0 mask 255.255.255.0 
network 172.16.1.0 mask 255.255.255.0 


network 172.16.2.0 mask 255.255.255.0 
network 172.16.3.0 mask 255.255.255.0 
network 172.16.4.0 mask 255.255.255.0 
network 172.16.5.0 mask 255.255.255.0 
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Router A should generate the following warning: 


rtraA# 
05:04:45; %“BGP-4-MAXPFX: No. of prefix received from 10.1.1.2 reaches 7, 


If we add one more network statement to the BGP configuration on Router B, the p 
limit will be reached on Router A: 


Router 8 
router bgp 2 
neighbor 10.1. remote-as 2 
network 172. 7 . @ mask 255.255.255.6 
network 172.16.1.0 mask 255.255.255.0 
network 172.16.2.0 mask 255.255.255.0 
network 172.16.3.0 mask 255.255.255.0 
network 172.16.4.0 mask 255.255.255.909 
network 172.16.5.0 mask 255.255.255.0 
network 172.16.6.0 mask 255.255.255.0 


Router A will generate the following message: 


rtraA# 
@5:10:58: %BGP-4-MAXPFX: No. of prefix received from 10.1.1.2 reaches 8, max 


If we add one more network statement to the BGP configuration on Router B, the pr 
limit set on Router A will be exceeded. Because we did not use the warning-only Of 
the BGP connection will be terminated: 


Router B 

router bap 2 
neighbor 1@.1.1.1 remote-as 2 
network 172.16.0.0 mask 255.255.255.0 
network 172.16 @ mask 255.255.255.0 
network 172.16.2.0 mask 255.255.255.8 
network 172.16.3.0 mask 255.255.255.0 
network 172.16.4.0 mask 255.255.255.0 
network 172.16.5.@ mask 255.255.255.0 
network 172.16.6.0 mask 255.255.255.0 
network 172.16.7.0 mask 255.255.255.0 


The BGP connection should terminate. Verify this claim by using the show ip DgP 
neighbors command: 


rtrA#show ip bgp neighbors 
BGP neighbor is 10.1.1.2, remote AS 2, external link 
Index 1, Offset @, Mask Ox2 

BGP version 4, remote router ID 0.0.0.0 
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(Continued) 
Last read 00:00:45, hold time is 180, keepalive interval is 60 seconds 
Minimum time between advertisement runs is 30 seconds 
Received 402 messages, ® notifications, ® in queue 
Sent 360 messages, ® notifications, 0 in queue 
Prefix advertised ®, suppressed 0, withdrawn 0 
Connections established 22; dropped 22 


The BGP connection has been terminated, as indicated by the Idle state. If we had used the 
warning-only option on Router A, only a warning would be generated, as shown: 


rtrAé 


05:12:59: %BGP-3-MAXPFXEXCEED: No. of prefix received from 10.1.1.2: 9 exceed 8 


With the warning-only option, the BGP connection is not terminated if the prefix limit is 
exceeded. This can be seen by using the show ip bgp neighbors command on Router A: 


rtrA#show ip bgp neighbors 
BGP neighbor is 10.1.1.2, remote AS 2, external link 
Index 1, Offset @, Mask @x2 
BGP version 4, remote router ID 10.1.1.2 
BGP state = Established, table version = 7, up for 00:53:07 
Last read 00:20:08, hold time is 180, keepalive interval is 6@ seconds 
Minimum time between advertisement runs is 30 seconds 
Received 375 messages, @ notifications, ® in queue 
Sent 343 messages, @ notifications, ® in queue 
Prefix advertised @, suppressed ®, withdrawn 0 
Connections established 20; dropped 19 
Last reset 00:53:28, due to User reset 


Threshold for warning message 75% 
@ history paths consume @ bytes 
Connection state is ESTAB, I/O status: 1, unread input bytes: @ 
Local host: 10.1.1.1, Local port: 11015 
Foreign host: 1@.1.1.2, Foreign port: 179 


dL bleshooting 


1 Verify that the BGP neighbors are in the Established state using the show ip bgp 
neighbors command. 


If the neighbor relationship is not in the Established state, see section 8-23. 


2 Verify that the maximum prefix limit and threshold value parameters are set using the 
show ip bgp neighbors command. 
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8-17: neighbor {ip-address | peer-group-name} next- 
hop-self 
Syntax Description: 
© = ip-address—Neighbor’s IP address. 
© = peer-group-name—Name of the peer group. See section 8-19. 


Purpose: When a BGP router learns routes via EBGP, and those routes are advertises 
IBGP neighbor, the next-hop information is sent unchanged. This command allow 
router to change the next-hop information that is sent to IBGP peers. The next- 
information is set to the IP address of the interface used to communicate with t 


Cisco IOS Software Release: 10.0. Peer group support was added in Release 11.0 


Configuration Example: Setting Next-Hop Information for 
Advertised Prefixes 
Every prefix that is advertised using BGP contains next-hop information. Figure 8- 
shows the next-hop behavior for EBGP and IBGP. The advertisement for netwo: tk 
198.16.1.0/24 from Router B to Router A contains a next hop of 172.16.1.1. EBGP 
hop information is preserved when the prefix is advertised via IBGP. Router B 
network 198.16. 1.0/24 to Router C, with the next-hop information received from 


Figure 8-15 Next Hop for EBGP and IBGP Connections 


198.16.1.0/24 198.16.1.0/24 
Next hop 172.16.1.1 Next hop 172.16.1.1 


10.1.1.1 10.1,1,2 


172.16.1.1 


On a multiaccess network, such as Ethernet or Token Ring, the next-hop beh¢ ior 
shown in Figure 8-16. Router B learns about network 198.16.1.0/24 from Router? 

Router B advertises 198.16. 1.0/24 to Router C via EBGP with the next-hop in! 
to the address of Router A. This is done to avoid the extra hop of sending packets ¢ 
to network 198.16.1.0/24 to Router B. 


8-17: neighbor {ip-address | peer-group-name} next-hop-self 


re 8-16 Next Hop for Multiaccess Networks 


172.16.1.1 172.16.1.2 


198.16.1.0/24 
Next hop 172.16.1.1 


The next-hop behavior for a nonbroadcast multiaccess (NBMA) network is similar to that of a 
multiaccess network. Figure 8-17 shows a partially meshed NBMA network using a hub-and- 
spoke configuration. PVCs have been configured between the hub (Router B) and the spokes 
(Routers A and C). There is no PVC from Router A to C. Both PVCs are assigned to the same IP 
subnet, 172.17.1.0/24, Because the PVCs are on the same IP subnet, Router B sets the ast top 
information for ha ws ; mice 172. 16. 1. A when sae aS seca re 


router bgp 1 
Het ane i172 BD 1. “3 Fenote- “as 2 


8-17 Next Hop for NBMA Networks 


198.16.1.0/24 
Next hop 172,16.1.1 


a 
198.16.1.0/24 pee 
172,16.144 
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Verification 


Verify the next hop for network 198.16.1.0/24 on Router C by using the show ip § 
command on Router C: ‘ 


rtrC#show ip bgp 

BGP table version is 22, local router ID is 172.16.1.13 

Status codes: s suppressed, d damped, h history, * valid, > best, i - 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 


Troubleshooting |! 


1 Verify that the BGP neighbors are in the Established state using the show ip 
neighbors command. 


If the neighbor relationship is not in the Established state, see section 8-23, 
2 Verify the next-hop setting using show ip bgp. 


8-18: neighbor {ip-address | peer-group-name} 
password password 
Syntax Description: 
© — ip-address—Neighbor’s IP address. 
° = peer-group-name—Name of the peer group. See section 8-19. 


* —password—Case-sensitive password. The length of the password can be Uf 
characters. The first character of the password cannot be a number. 
can contain any alphanumeric characters, including spaces. For operational 
do not use a space after a number. 

Purpose: To enable Message Digest 5 (MD5) authentication on a TCP connection 
two BGP peers. 


Cisco IOS Software Release: | 1.0 


Configuration Example: Enabling MD5 Authentication on a TC 
Connection Between BGP Peers 


The network shown in Figure 8-18 is used to demonstrate password configuratt or 
neighbors. 
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giqure 8-18 Authentication of a BGP Connection 


MD5 authentication 


Router A 
router bgp 1 
neighbor 10. 
neighbor 10. 
Router 6 
router bgp 2 
neighbor 1@.1.1.1 remote-as 1 
neighbor 10.1.1.1 password cisco 


remote-as 2 


T6142 
1.1.2 password cisco 


When a password is configured on the first neighbor, the BGP connection is terminated. 
When the password on the second neighbor is configured, the BGP session is reestablished. 


Verification 
Verification is easy. If the neighbors are in the Established state, authentication is working. 


Troubleshooting 

1 Verify that the BGP neighbors are in the Established state using the show ip bgp 
neighbors command. 
If the neighbor relationship is not in the Established state, see section 8-23. 


2 Ifthe neighbors are not in the Established state, there are two possibilities. Either one 
neighbor has not been configured with a password, or there is a password mismatch 
between the neighbors. 


If only one neighbor has a password configured, you see a message similar to the 
following: 
1d15h: %TCP-6-BADAUTH: No MD5 digest from 10.1.1.1:179 to 10.1.1.2:11028 


If there is a password mismatch, the following message is generated: 


1d15h: %“TCP-6-BADAUTH: Invalid MD5 digest from 10.1.1.1:11018 to 
10.1.1,2:179 
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8-19: neighbor peer-group-name peer-group 


8-20: neighbor jp-address peer-group peer-group-na 
Syntax Description: 


° — peer-group-name—Name of the peer group to create or the name of the peer 
to which the neighbor will be added. 


* — ip-address—IP address of the neighbor to be placed in the peer group with the 
peer-group-name, | 
Purpose: Use the neighbor peer-group-name peer-group command to create a BC 
group. The neighbor ip-address peer-group peer-group-name command adds 
to an existing peer group. Assume that a router has multiple BGP neighbors 
identical update policies with those ha eee The fa she Te could be configt 
each neighbor. In this'¢ case, BC 


Cisco LOS Software Release: | 1.0 


Configuration Example: Creating Peer Groups 


Router A in Figure 8-19 has two IBGP peers and two EBGP peers. Assume that R 

has the same update policy for the IBGP peers and the EBGP peers. The IBGP peer 
be configured in one peer group and the EBGP peers in another. The first configut 
without using peer groups. The second configuration uses peer groups so that you 
compare the syntax. 


8-19 BGP Peer Groups 


Router A (without using peer groups) 
router bgp 1 

neighbor 10.1.1.2 remote-as 1 

neighbor 10.1.1.2 distribute-list 1 out 
neighbor 10.1.2.2 remote-as 1 

neighbor 10.1.2.2 distribute-list 1 out 
neighbor 172.16.1.2 remote-as 2 
neighbor 172.16.1.2 distribute-list 2 out 
neighbor 172.16.2.2 remote-as 3 

neighbor 172.16.2.2 distribute-list 2 out 
; 4 (Using peer groups 

router bgp 1 

neighbor local peer-group 

neighbor local remote-as 1 

neighbor 10.1.1.2 peer-group local 
neighbor 10.1.2.2 peer-group local 
neighbor local distribute-list 1 out 
neighbor 10.1.2.2 peer-group local 
neighbor external peer-group 

neighbor 172.16.1.2 remote-as 2 
neighbor 172.16.2.2 remote-as 3 
neighbor 172.16.1.2 peer-group external 
neighbor 172.16.2.2 peer-group external 
neighbor external distribute-list 2 out 


The sequence of events in configuring peer groups is as follows: 
Step 1 Create the peer group. 
Step 2 Assign neighbors to the peer group. 


Step 3 If all members of a peer group are in the same AS, assign the peer group 


to the AS. . 
XN Q- 
Step 4 Assign update policies to the peer group. Ker \ 


8-20: neighbor ip-address peer-group peer-group-name 


185 
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The commands neighbor local peer-group and neighbor external peer-group cre 
peer groups local and external. Routers B and C are in the same AS, so we can 
peer group local in AS | using neighbor local remote-as 1. Routers D and E are in¢ 

autonomous systems, so the peer group external cannot be put in an AS. In this ¢; * 
individual neighbors are placed in their respective autonomous systems. 


The update policy for neighbors B and C uses distribute list 1 out. Applying dis 
list to the peer group applies the policy to each member of the peer group. The sar 
for the external peer group. Incoming policies can also be assigned to a peer group, 
example, we can apply an incoming filter list to peer group local: q 


neighbor local filter-list 1 in 
If another incoming policy is applied to a specific neighbor, this policy overrides the 
group policy: 


neighbor local filter-list 1 in 
neighbor 10.1.1.2 filter-list 2 in 


Filter list 2 is applied to neighbor 10.1.1.2 instead of filter list 1. You can oven ide or 
incoming policies. 


Verification 
Verify that a neighbor is a member of the peer group. For example, check the status 
relationship between Routers A and B: | 


rtrA#show ip bgp neighbors 
BGP neighbor is 10.1.1.2, remote AS 1, internal link 
Index 1, Offset @, Mask @x2 


BGP version 4, remote router ID 10.1.1.2 

BGP state = Established, table version = 41, up for 00:00:08 
Last read 00:00:07, hold time is 18@, keepalive interval is 6@ seconds 
Minimum time between advertisement runs is 5 seconds 
Received 14126 messages, @ notifications, ® in qusue 
Sent 14138 messages, ® notifications, ® in queue 
Prefix advertised 15, suppressed @, withdrawn 12 
Outgoing update network filter list is 1 

Connections established 5; dropped 3 


2 accepted prefixes consume 64 bytes 

® history paths consume @ bytes 
Connection state is ESTAB, I/O status: 1, unread input bytes: 0 
Local host: 10.1.1.1, Local port: 11010 
Foreign host: 10.1.1.2, Foreign port: 179 
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troubleshooting 
; 1 Verify that the BGP neighbors are in the Established state using the show ip bgp 
neighbors command. 


If the neighbor relationship is not in the Established state, see section 8-23. 
2 If the neighbors are in the Established state, check the following: 
° — The spelling of the peer group name in the neighbor peer-group-name peer- 
group command, 


° — The spelling of the peer group name in the neighbor ip-address peer-group 
peer-group-name command. 


° — The IP address of the neighbor in the neighbor ip-address peer-group peer- 
group-name command. 


8-21: neighbor {ip-address | peer-group-name} prefix-list 
prefix-list-name in 
: Syntax Description: 

® = ip-address—Neighbor’s IP address. 

° = peer-group-name—Name of the peer group. See section 8-19. 

° _ prefix-list-name—Name of the input IP prefix list. 
the input prefix list is identical for both EBGP neighbors. Usin 
an alternative to using an extended IP access list and a distribute list. 
Cisco IOS Software Release: 12.0 


he operation of 
g a prefix list is 


-Onfiguration Example 1: Allow an Aggregate Route While Blocking 
= More-Specific Routes 
In Figure 8-20, Router B is advertising four network prefixes and the aggregate of the 
prefixes to Router A. Router A filters the route update from Router B in order to reject the 


more-specific routes. Loopbacks are used on Router B to simulate the advertised networks, 
as shown in the configuration. 
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Figure 8-20 Scenario for Use of the neighbor prefix-list in Command 


Input prefix list <——————————_ BGP route update 


Router A 
J 
interface Seriald 

ip address 10.1.1.1 255.255.255.252 
! 

router bgp 1 

neighbor 10.1.1.2 remote-as 2 


ip subnet-zero 
! 
interface Loopback® 
ip address 172.16.0.1 255.255.255.@ 
! 
interface Loopback 
ip address 172.16.1.1 255.255,.255.@ 
t 
interface Loopback2 
ip address 172.16.2.1 255.255.255.0 
{ 
interface Loopback3 
ip address 172.16.3.1 255.255.255.0 
! 
interface Seriald® 
ip address 10.1.1.2 255.255.255.252 
clockrate 64000 
{ 
router bgp 2 
network 172.16.0.® mask 255.255.255.9 
network 172.16.1.0 mask 255.255.255.090 
network 172.16.2.@ mask 255.255.255.0 
network 172.16.3.0 mask 255.255.255.0 
aggregate-address 172.16.0.0 255.255.252.90 
neighbor 10.1.1.1 remote-as 1 


8-21: neighbor {ip-address | peer-group-name} prefix-list prefix-list-name in 189 


Before proceeding to the prefix list example, verify that Router A is receiving the routes 
from Router B: 


rtrA#show ip bgp 

BGP table version is 5, local router ID is 172.17.1.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Metric LocPrf Weigh 
172.16.0.0/24 , ® 
172.16.0.0/22 

172.16.1.0/24 Sterdis ® 
172.16,2.0/24 ) 
172.16.3.0/24 ete \) 


ath 


t P 
@2 
@2 
®2 
®2 
@2 


Modify the BGP configuration on Router A to allow only the aggregate prefix 172.16.0.0/22: 


Router A 
router bgp 1 
neighbor 10.1.1.2 remote-as 2 


Si wieoeeecaercns ster: A lists are named, and each statement in a prefix 
list has a sequence number. Ele in a prefix list are executed in numerical order, and 


processing stops when a match occurs. Before proceeding, we will discuss the commands 
available with an IP prefix list: 


ip prefix-list sequence-number (default) 
no ip prefix-list sequence-number 


The default form includes the sequence numbers in the configuration. Using the no form of 
this command excludes the sequence numbers. If we list our configuration on Router A, we 
see that the sequence numbers are included in the configuration. By default, the sequence 
numbers start at 5 and increment by 5: 

ip prefix-list aggregate seq 5 permit 172.16.0.0/22 
Using the no form produces this: 

ip prefix-list aggregate permit 172.16.0.0/22 


If the no form is used, the sequence numbers can be seen using the show ip prefix-list 
command: 


rtrA#show ip pre -list 
ip prefix-list aggregate: 2 entries 


seq 5 permit 172.16.0.0/22 
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Here is the general form of the command: 


rtrA(config)#ip prefix-list ? 
WORD Name of a prefix list 
sequence-number Include/exclude sequence numbers in NVGEN 


rtrA(contig)#ip prefix-list aggregate ? 


deny Specify packets to reject 
description Prefix-list specific description 
permit Specify packets to forward 

seq sequence number of an entry 


The permit and deny statements are used to determine if a prefix is allowed or 
when received from a neighbor. The description option is useful if you have ma 
lists. We can add a description to our configuration using this: 


ip prefix-list aggregate description filter specific routes of 172.16.0.0/2: 


The seq (sequence number) option allows us to apply our own sequence number 
permit or deny statement. If it is not used, the default sequence numbers are applie 


After the permit or deny option comes the prefix/length entry: 


rtrA(config)#ip prefix-list aggregate permit ? 
A.B.C.D IP prefix <network>/<length>, e.g., 35.0.0.0/8 


For our example we used this: . 
ip prefix-list aggregate seq 5 permit 172.16.0.0/22 


This permits the aggregate advertisement received from Router B. Finally, we can ft 
specify a range for the number of bits to match in the prefix length by using the opt 
parameters greater than or equal to (ge) or less than or equal to (le): 


rtrA(config)#ip prefix-list aggregate permit 172.16.0.0/22 ? 
ge Minimum prefix length to be matched 
le Maximum prefix length to be matched 
<cr> 


The possibilities are to match the following: 


® Less than or equal to a number of bits: 


ip prefix-list aggregate permit 172.16.0.0 /22 le 23 


© Greater than a number of bits: 
ip prefix-list aggregate permit 172.16.0.0 /22 ge 23 


® Greater than one value and less than or equal to another value: 


ip prefix-list aggregate permit 172.16.0.0 /22 ge 23 le 24 


The last form allows the more-specific routes and blocks the aggregate prefix. 
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sification 
Verify that Router A is using the prefix list: 


rtrA#show ip bgp 
BGP neighbor is 10.1.1.2, remote AS 2, external link 
Index 1, Offset @, Mask @x2 
BGP version 4, remote router ID 172,16.3.1 
BGP state = Established, table version = 2, up for 01:01:10 
Last read 00:00:09, hold time is 180, keepalive interval is 6@ seconds 
Minimum time between advertisement runs is 30 seconds 
Received 172 messages, ® notifications, @ in queue 
Sent 15@ messages, @ notifications, ®@ in queue 
Prefix advertised @, suppressed @, withdrawn @ 


Connections established 10; dropped 9 

Last reset 01:01:27, due to User reset 

1 accepted prefixes consume 32 bytes 

@ history paths consume @ bytes 
Connection state is ESTAB, I/0 status: 1, unread input bytes: @ 
Local host: 10.1,1.1, Local port: 11052 
Foreign host: 10.1.1.2, Foreign port: 179 


The prefix list can be examined by using the show ip prefix- list or show ip prefix-list 
detail commands: 


rtrA#show ip prefix-list 
ip prefix-list aggregate: 1 entries 
seq 5 permit 172.16.0.0/22 


rtrA#show ip prefix-list detail 

Prefix-list with the last deletion/insertion: aggregate 

ip prefix-list aggregate: 
Description: filter specific routes of 172.16.0.0/22 
count: 1, range entries: 0, sequences: 5 - 5, refcount: 3 
seq 5 permit 172.16.0.0/22 (hit count: 1, refcount: 1) 


Finally, check the BGP routing table on Router A to ensure that the 172.16.0.0/22 prefix has 
been allowed and that the more-specific prefixes have been filtered: 


rtrA#show ip bgp 

BGP table version is 2, local router ID is 172.17.1.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
*> 172.16.0.0/22 10.1.1.2 O2 i 
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Configuration Example 2: Allow the More-Specific Prefixes a 
Block the Aggregate 


For this example, we will allow the more-specific prefixes and block the aggregate, T 
method uses the following prefix list: 7 


ip prefix-list aggregate permit 172.16.0.0/24 
ip prefix-list aggregate permit 172.16.1.0/24 
ip prefix-list aggregate permit 172.16.2.0/24 
ip prefix-list aggregate permit 172.16.3.0/24 


Here is a more compact form to achieve the same results: 
ip prefix-list aggregate permit 172.16.0.0/22 ge 23 


The BGP router configuration on Router A remains unchanged. Because there is an 
deny any at the end of every prefix list, we will let this implicit statement block the ag 


Verification 


As in the previous example, check the BGP table on Router A to verify that only th 
specific prefixes of 172.16.0.0 are being allowed: 


rtrA#show ip bgp 

BGP table version is 5, local router 1D is 172.17.1.1 
Status codes: s suppressed, d damped, h history, * valid, > best, i - intern 
Origin codes: i - IGP, e - EGP, ? - incomplete ' 


Network Next Hop Metric LocPrf Weight Path 
*> 172.16.0.0/24 10.1.1.2 1) @2i 
*> 172.16.1.0/24 10.1.1.2 \) @2i 
*> 172.16.2.0/24 18,114.62 Q @2i 
*> 172.16.3.0/24 10.1.1.2 i) ®@2i 


Troubleshooting 
1 Verify that the BGP neighbors are in the Established state using the show ip 

neighbors command. 

If the neighbor relationship is not in the Established state, see section 8-23. 

2 Check the syntax of your prefix list. 

You can monitor the BGP route exchange using debug ip bgp updates, whic 

produce output similar to the following for the second configuration: 


tw@d: BGP: 10.1.1.2 rev UPDATE w/ attr: nexthop 10.1.1.2, origin i, 
aggregated by 2 172.16.3.1, path 2 
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(Continued) : 

jw@d: BGP: 10.1.1.2 rcv UPDATE w/ attr: nexthop 10.1.1.2, origin i, metric 0, 
path 2 

iwOd;: BGP: 10.1.1.2 

1wOd: BGP: 10.1.1.2 

.2 rov UPDATE about 172.16.2.0/24 

2 UPDATE about 172.16.3.0/24 


1 rev UPDATE about 172.16.0.0/24 
1 rev UPDATE about 172.16.1.0/24 
jwOd: BGP: 10.1.1 

IwOd: BGP: 1 


8-22: neighbor {/p-address | peer-group-name} prefix-list 
prefix-list-name out 
: Syntax Description: 

© — ip-address—Neighbor’s IP address. 

© = peer-group-name—Name of the peer group. See section 8-19. 

© — prefix-list-name—Name of the output IP prefix list. 


Purpose: To filter outgoing route updates to a particular BGP neighbor based on the IP 
address and mask length. Only one prefix list can be used per neighbor. The operation of 
the output prefix list is identical for both IBGP and EBGP neighbors. Using a prefix list is 
an alternative to using an extended IP access list and a distribution list, 


Cisco LOS Software Release: 12.0 


Co nfiguration Example 1: Allow an Aggregate Route While Blocking 
ine More-Specific Routes 


In Figure 8-21, Router B is advertising four network prefixes and the aggregate of the 
prefixes to Router A. Router B filters the route update to Router A in order to reject the 
more-specific routes. Loopbacks are used on Router B to simulate the advertised networks, 
as shown in the configuration. 


® 8-21 Scenario for Using the neighbor prefix-list out Command 


Output prefix list < 


BGP route update 


172.16.0,0/24 
172.16.0.1/24 
172.16.2.0/24 


Filtered route update 
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Router A 

! 

interface Serial@ 

ip address 10.1.1.1 255.255.255.252 

! 

! 

router bgp 1 

neighbor 10.1.1.2 remote-as 2 

Router 6B 

ip subnet-zero 

! 

interface Loopback 

ip address 172.16.0.1 255.255.255.@ 

! 

interface Loopback1 

ip address 172.16.1.1 255.255.255.@ 

! 
interface Loopback2 

ip address 172.16.2.1 255.255.255.@ 

! 
interface Loopback3 

ip address 172.16.3.1 255.255.255.0 

! 

interface Serial® 

ip address 10.1.1.2 255.255.255.252 
clockrate 64000 

! 
router bgp 2 

network 172.16.0.0 mask 255.255.255.@ 
network 172.16.1.@ mask 255.255.255.0 
network 172.16.2.0 mask 255.255.255.0 
network 172.16.3.@ mask 255.255.255.0 
aggregate-address 172.16.0.0 255.255.252.0 
neighbor 10.1.1.1 remote-as 1 


Before proceeding to the prefix list example, verify that Router A is receiving the rot 
from Router B: 


rtrA#show ip bgp 

BGP table version is 5, local router ID is 172.17.1.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - intel 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
172.16.0.0/24 10.1.1 ) Oi 2n5 
172.16.0.0/22 10.1.1. a 
172,.16.1.0/24 10.1.1, @ ® 
172.16.2.0/24 10.1.1 i) Q 

1.4 @ 


i 
i 
i 
172.16.3.8/24 12. i 


2 
2 
2 
2 
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Modify the BGP configuration on Router B to allow only the aggregate prefix 172.16.0.0/22: 


Router B 
router bgp 2 
neighbor 10.1.1.1 remote-as 1 


The prefix list is similar to a route map. Prefix lists are named, and each statement ina prefix 
list has a sequence number. Elements in a prefix list are executed in numerical order, and 
processing stops when a match occurs. Before proceeding, we will discuss the commands 
available with an IP prefix list: 


ip prefix-list sequence-number (default) 
ij no ip prefix-list sequence-number 


The default form includes the sequence numbers in the configuration. Using the no form of 
this command excludes the sequence numbers. If we list our configuration on Router A, we 
' see that the sequence numbers are included in the configuration, By default, the sequence 
| numbers start at 5 and increment by 5: 
ip prefix-list aggregate seq 5 permit 172.16.0.0/22 
Using the no form produces this: 
ip prefix-list aggregate permit 172.16.9.0/22 


If the no form is used, the sequence numbers can be seen using the show ip prefix-list 
command: 


rtrA#show ip prefix-list 
ip prefix-list aggregate: 2 entries 


seq 5 permit 172.16.0.0/22 


The general form of the command is: 


rtrA(config)#ip prefix-list ? 
WORD Name of a prefix list 
sequence-number Include/exclude sequence numbers in NVGEN 


rtrA(config)#ip prefix-list aggregate ? 


deny Specify packets to reject 
description Prefix-list specific description 
permit Specify packets to forward 

seq sequence number of an entry 


The permit and deny statements are used to determine if a prefix is allowed or prevented 
when received from a neighbor. The description option is useful if you have many prefix 
lists. We can add a description to our configuration using this: 


ip prefix-list aggregate description filter specific routes of 172.16.0.0/22 
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Verification 


The seg (sequence number) option allows us to apply our own sequence number to. 
permit or deny statement. If it is not used, the default sequence numbers are applies 


After the permit or deny option comes the prefix/length entry: 


rtrB(config)#ip prefix-list aggregate permit ? 
A.B.C.D IP prefix <network>/<length>, e.g., 35.0.0.0/8 


For our example we used: 
ip prefix-list aggregate seq 5 permit 172.16.6,0/22 


This permits the aggregate advertisement to be sent to Router A. Finally, we can fu 

specify a range for the number of bits to match in the prefix length by using the opti 

parameters greater than or equal to (ge) or less than or equal to (le): , 

rtrA(config)#ip prefix-list aggregate permit 172.16.0.0/22 ? 
ge Minimum prefix length to be matched 


le Maximum prefix length to be matched 
<cr> 


The possibilities are to match the following: 


* — Less than or equal to a number of bits: 
ip prefix-list aggregate permit 172.16.0.0 /22 le 23 
® Greater than a number of bits: 
ip prefix-list aggregate permit 172.16.0.@ /22 ge 23 
® Greater than one value and less than or equal to another value: 
ip prefix-list aggregate permit 172.16.0.0 /22 ge 23 le 24 
The last form allows the more-specific routes and blocks the aggregate prefix. 


The prefix list can be examined by using the show ip prefix- list or show ip p efix 
detail commands: 


etrB#show ip prefix-list 
ip prefix-list aggregate: 1 entries 
seq 5 permit 172.16.0.0/22 


rtrB#sh ip prefix-list detail 
Prefix-list with the last deletion/insertion: aggregate 
ip prefix-list aggregate: 

count: 1, range entries: @, sequences: 5 - 5, refcount: 3 
seq 5 permit 172.16.0.0/22 (hit count: 1, refcount: 1) 
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Finally, check the BGP routing table on Router A to ensure that the 172.16.0,0/22 prefix has 
been allowed and that the more-specific prefixes have been filtered: 


rtrA#show ip bgp 

BGP table version is 2, local router ID is 172.17.1.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
*> 172.16.0.0/22 10142 ®2i 


Configuration Example 2: Allow the More-Specific Prefixes and 


Block the Aggregate 


For this example, we will allow the more-specific prefixes and block the aggregate. The first 
method uses the following prefix list: 


ip prefix-list aggregate permit 172.16.0.0/24 
ip prefix-list aggregate permit 172.16.1.0/24 
ip prefix-list aggregate permit 172.16.2.0/24 
ip prefix-list aggregate permit 172.16.3.0/24 


The following prefix list is a more compact form that achieves the same results: 
ip prefix-list aggregate permit 172.16.0.0/22 ge 23 


The BGP router configuration on Router B remains unchanged. Because there is an implicit 
deny any at the end of every prefix list, we will let this implicit statement block the aggregate. 


Verification 
As in the previous example, check the BGP table on Router A to verify that only the more- 
specific prefixes of 172.16.0.0 are being allowed: 


rtrA#show ip bgp 
BGP table version is 5, local router ID is 172.17.1.1 
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 

Network Next ath 
172.16.0.0/24 10.1 


Ho Metric LocPrf Weigh 
J 
172.16.1.0/24 10.1.1 
a 
in 


172.16.2,0/24 10.1 


t 
i 
i 
i 
172.16.3.0/24 10.1 i 


eR 
@2 
2 
@2 
®2 


bleshooting 


1 Verify that the BGP neighbors are in the Established state using the show ip bgp 
neighbors command. 


If the neighbor relationship is not in the Established state, see section 8-23. 
2 Check the syntax of your prefix list. 
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8-23: neighbor {/p-address | peer-group-name} remote 
number 
Syntax Description 
© ip-address—Neighbor’s IP address. 
° = peer-group-name—Name of the peer group. See section 8-19, 
® number—Neighbor’s autonomous system number (1 to 65534). 
Purpose: This form of the neighbor command is the most important. This comman 
used to configure an internal BGP (IBGP) or external BGP (EBGP) TCP session wi 
another router. Routing information cannot be exchanged without a proper neighbo 
configuration. When configuring BGP, either in a customer’s network or on the | 
we suggest that you first establish and verify that the neighbor relationships have 
established, A common mistake is to attempt to enter a complete BGP configure 
which might include route exchange, route filtering, attribute manipulation, me 
redistribution. If the configuration does not produce the intended results, it is usually 
difficult to eat: due to the config’ ration comp plex ; 


neighbors are prop 
configured, you can continue to satiaty the otter pequirensents. 


Cisco LOS Software Release: 10.0. Peer group support was added in Release 11.0, 


Configuration Example 1: EBGP Neighbor 


EBGP is used between neighbors in different autonomous systems. Typically, E 
neighbors are directly connected, as shown in Figure 8-22. If the neighbors are not dl 
connected, bgp multihop can be used (see sections 8-8 and 8-9). For this exam] pie . 
neighbors are directly connected. The following configuration illustrates the use ¢ 
neighbor command to establish an EBGP relationship. 


Figure 8-22 EBGP Neighbor Relationship 
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Router A 
router bgp 1 

neighbor 10.1.1.2 remote-as 2 
Router B 
router bgp 2 
neighbor 10.1.1.1 remote-as 1 


You need to set only two variables in order to establish a BGP session: the remote neighbor's 
IP address and the remote neighbor’s autonomous system number, as shown in the preceding 
configuration. Therefore, you can make only two mistakes using this command, 


To verify that the neighbor relationship has been established, use the show ip bgp 
neighbors command (see section 14-90): 


AtrA#show ip bgp neighbors 


Index 0, Offset 0, Mask Ox® 
Last read 00:00:01, hold time is 180, keepalive interval is 6@ seconds 
Minimum time between advertisement runs is 5 seconds 
Received 24 messages, ® notifications, @ in queue 
Sent 24 messages, ® notifications, @ in queue 
Connections established 2; dropped 1 
Connection state is ESTAB, I/0 status: 1, unread input bytes: @ 
Local host: 172.16.1.3, Local port: 179 
Foreign host: 172.16.1.7, Foreign port: 


11001 


The important elements that are illustrated are the BGP neighbor’s IP address, autonomous 
system number, link type, and BGP state. 


bleshooting 
1 Ping the neighbor. If the ping is unsuccessful, you do not have a BGP problem. 


2 If the ping is successful, you have improperly configured either the neighbor's IP 
address or autonomous system number. 


If the neighbor relationship is not being established, only two things could be wrong, 
assuming that there are no physical layer problems. If you can ping the neighbor. you 
should be able to establish a BGP connection. Either the neighbor IP address or the 
remote-as number is incorrect. A correct configuration would produce the following 
debug output during the establishment of the BGP connection: 
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Configuration Example 2: IBGP Neighbor ‘il 


RtrB# debug ip bgp events 

BGP: 10.1.1.1 went from Idle to Active 

BGP: scanning routing tables 

BGP: 10.1.1.1 went from Active to OpenSent 

BGP: 10.1.1 went from OpenSent to OpenConfirm 

BGP: 10.1.1.1 went from OpenConfirm to Established 

BGP: 10.1.1 computing updates, neighbor version ®, table version 1, st 
: 10.1.1 update run completed, ran for O®ms, neighbor version ®, sta 


ot ob. ad at 


Notice that the BGP state transitions from Idle to Active to OpenSent to OpenCong 
Established, 


If the wrong AS number is used but the neighbor’s IP address is correct, the neighb 
establish a TCP session, but they will disagree on the AS number, and the connectix 
be closed. The following debug output is produced when the incorrect AS number: 
for the neighbor: . 


1.1 went from Idle to Active 

1.1 went from Active to Idle 
.1.1 went from Idle to Connect 
V4 


-1 went from SOO aLE to Cena 


BGP: 10 
BGP: 10. 
10 


Ciosine to Idle 


went from 


If the neighbor IP address is incorrect, it really doesn’t matter what AS mee Se 
neighbors will never establish the TCP connection in order to exchange AS in 
The following debug output is produced when an incorrect neighbor IP address 


BGP: 10.1.1.3 went from Idle to Active 
BGP: scanning routing tables 
BGP: 10. pre Ne went SCOR AOEANS to coensent 


BGP: Mecteiei went from closing to ttts 


IBGP is used between neighbors in the same AS. IBGP neighbors do not need to 
connected in order to establish a neighbor relationship. Also, the neighbor's IP ade 
not need to be the address assigned to a physical interface. We recommend that 
loopback addresses when establishing IBGP sessions. Section 8-33 examines t 
for using loopback addresses with IBGP. For this example, the objective is tod 
configuring IBGP neighbors and verifying the configuration. Figure 8-23 shows 
scenario for two routers in the same AS. This example uses the IP address of a pl 
interface in the neighbor command. 
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‘qure 8-23 /BGP Neighbor Relationship 


Router A 

router bgp 1 

neighbor 10.1.1.2 remote-as 1 
Router B 

router bgp 1 

neighbor 10.1.1.1 remote-as 1 


Notice that the only differences from the EBGP configuration are the remote AS number 
that is used on Router A and the BGP process number on Router B. 


ferification 
To verify that the neighbor relationship has been established, use the show ip bgp 
neighbors command (see section 14-90): 


RtrA#show ip bgp neighbors 


Index @, Offset @, Mask 0x@ 
BGP version 4, remote router ID 1@.1.1.2 


Last read 00:00:01, hold time is 180, keepalive interval is 6@ seconds 
Minimum time between advertisement runs is 5 seconds 
Received 24 messages, @ notifications, ®@ in queue 
Sent 24 messages, @ notifications, ® in queue 
Connections established 2; dropped 1 
Connection state is ESTAB, 1/0 status: 1, unread input bytes: 0 
Local host: 172.16.1.3, Local port: 179 
Foreign host: 172.16.1.7, Foreign port: 11001 


The link type is now internal because we have established a BGP session between two 
routers in the same autonomous system. As with EBGP, the only errors that can occur are 
using the wrong neighbor IP address or using the wrong neighbor AS number. 
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Troubleshooting 


Troubleshooting for IBGP neighbors is identical to troubleshooting EBGP neigh! bors 
Remember, if you can ping the neighbor, you should be able to establish an IBGP” i 
connection if it’s configured properly. 


8-24: neighbor {ip-address | peer-group-name} remoy 
private-as 
Syntax Description: 
© = ip-address—Neighbor’s IP address. 
©  peer-group-name—Name of the peer group. See section 8-19. 
Purpose: To remove private autonomous systems in updates to the neighbor or peer; 
Private AS numbers are in the range 64512 to 65535. 
The following conditions apply when using this comman 
® Use only with EBGP peers. 
© — If the update has only private AS numbers in the AS path, BGP removes he! 


¢ = If the AS path includes both private and public AS numbers, BGP doesn’t ret 
the private AS numbers. This situation is considered a configuration error. | 

® ifthe AS path contains the AS number of the EBGP neighbor, BGP doesn’t re 
the private AS number. 

© If the AS path contains confederations, BGP removes the private AS n mbei 
if they come after the confederation portion of the AS path. ; 


Cisco IOS Software Release: 12.0 


Configuration Example: Removing a Private AS Number from 
Updates to Neighbors or Peer Groups ; 


In Figure 8-24, an ISP is connected to a customer who is using a private AS t 
ISP is connected to another ISP for Internet connectivity. The ISP in AS 1 needoil 
the private AS number before advertising routes to the ISP in AS 2. 


8-24: neighbor {ip-address | peer-group-name} remove-private-as 203 


re 8-24 Private AS Numbers Should Be Suppressed If Routes Are Advertised to the Internet 


AS path - 65530 AS path - 1,65530 
> Sad 


AS 1 ISP 


AS 65530 customer 


AS path - 1 


ah nation Remove private AS 


Router A 

router bgp 65530 

network 172.16.0.0 mask 255.255.255.0 
network 172.16.1.@ mask 255.255.255.0 
network 172.16.2.@ mask 255.255.255.0 
network 172.16.3.@ mask 255,.255.255.0 
neighbor 10.1.1.2 remote-as 1 

Router B 

router bgp 1 

neighbor 10.1.1.1 remote-as 65530 
neighbor 10,.1.2.2 remote-as 2 
neighbor 10.1.2.2 remove-private-as 
Router 

router bgp 2 

neighbor 10.1.2.1 remote-as 1 


fication 


Before using the command neighbor 10.1.2.2 remove-private-as, check the BGP tables 
on Routers B and C to view the private AS number in the AS path: 


rtrBéshow ip bgp 
BGP table version is 21, local router ID is 172.16.1.1 


Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
*> 172.16.0.0/24 10.1.1.1 ® ® 65530 i 
*> 172.16.1.0/24 10.1.1.1 i) ®@ 65530 i 
*> 172.16.2.0/24 1.1.1.1 Q ® 65530 i 
*> 172.16.3.0/24 10.4.1.1 ) @ 65530 i 


continues 
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rtrC#show ip bgp 

BGP table version is 5, local router ID is 156.26.32.1 
Status codes: s suppressed, d damped, h history, * valid, > best, i - inter 
Origin codes: i - IGP, e - EGP, ? - incomplete . 


Network Next Hop Metric LocPrf Weight Path 
*> 172.16.90.0/24 10.1.2,1 ®@ 1 65530 a 
*> 172.16.1.0/24 10.1.2.1 @ 1 65530 i 
*> 172.16:2.0/24  10.1.2.1 ® 1 65530 i 
*> 172.16.3,.0/24 10,1,2.1 ® 1 65530 i 


Now add the command neighbor 10.1.2.2 remove-private-as on Router B and rechee 
BGP table on Router C: 


rtrc#show ip bgp 

BGP table version is 5, local router ID is 156.26.32,1 
Status codes: s suppressed, d damped, h history, * valid, > best, i - intern 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
*> 172,16.0.0/24 10.1.2.1 O17 i 
*> 172.16.1.0/24 10.1.2.1 @1i 
*> 172.16.2.0/24 1 tees4 Li as 
*> 172.16.3.0/24 10.1.2.1 01 i 


As you can see, the private AS number (65530) has been removed, 


Troubleshooting 
1 Verify that the BGP neighbors are in the Established state using the show ipB 
neighbors command. 


If the neighbor relationship is not in the Established state, see section 8-23. 


2 Verify that the private AS numbers have been removed by using show ip 


3 Ifthe private AS numbers have not been removed, check the neighbor's IP addt 
peer group name in the remove-private-as command. 


8-25: neighbor {ip-address| peer-group-name} routet 
route-map-name in 
Syntax Description: 

© = ip-address—Neighbor’s IP address. 


© peer-group-name—Name of the peer group. See section 8-19. 
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° — route-map-name—Name of the route map used for incoming updates from the 
specified neighbor or peer group. 


Purpose: A route map is an extremely powerful tool for route filtering and BGP attribute 
manipulation. Appendix C contains a complete discussion of route map logic. In this 
section, we will examine common uses of a route map for route filtering and BGP attribute 
manipulation. 


Cisco IOS Software Release: 10.0. Peer group support was added in Release 11.0. 


Configuration Example 1: Basic Route Filter Using an IP Standard 
Access List 
, The configuration in Figure 8-25 will be used for each route map example in this section. 


re 8-25 Configuration Used to Demonstrate the Use of an Input Route Map 


BGP route update 


Router A 

router bgp 1 

neighbor 10.1.1.2 remote-as 2 

Router B 

interface loopback @ 

ip address 172.16.0.1 255.255.255.0 
! 
interface loopback 1 

ip address 172.16.1.1 255.255.255.0 
{ 
interface loopback 2 

ip address 172.16.2.1 255.255.255.6 
! 
interface loopback 3 

ip address 172.16.3.1 255.255.255.0 
! 
router bgp 2 

neighbor 10.1.1.1 remote-as 1 
network 172.16.0.0 mask 255.255.255. 
network 172.16.1.@ mask 255.255.255. 
network 172.16.2.@ mask 255.255.255. 
network 172.16.3.@ mask 255.255.255. 
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Before looking at the first route map example, verify that Router A is receiving the fg 
172.16 prefixes from Router B: a 


rtrA#show ip bgp 
BGP table version is 5, local router ID is 172.17.1.1 
Status codes: s suppressed, d damped, h history, * valid, > best, i - interne 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
*> 172.16.0.0/24 10.1.1.2 1) @2i 
*> 172.16.1.0/24 10.1.1.2 to) 2 i 
*> 172.16.2.0/24 10.1.1.2 \) 22 

172.16.3.0/24 othe 1) 2i 


We want to use an input route map on Router A to block network 172.16.2.0/24. 
use a neighbor distribute list (see section 8-6) or prefix list (see section 8-21) to ac 
this task, but because this section concerns route maps, we might as well use one. Confi 
the following route map on Router A. | 


Releases of Cisco LOS Software prior to 11.2 did not permit the use of an input route 
that matched on the IP address. This restriction was removed in Release 11.2 and late 
versions. 


Router A 
router bgp 1 
neighbor 10.1.1.2 remote-as 2 


Whenever you change a policy with a neighbor, you need to restart the BGP session by. 
clear ip bgp * or clear ip bgp neighbor-address. For this example, use clear ip bgp 19 


Because we are either denying or permitting a route, we do not need any set comma 
the route map. Each route or prefix received from Router B is processed by the mpw 
map with a name filter. The result of a route map is to either permit or deny an a 
action in this example is to permit routes received from a BGP neighbor to be in 
the BGP table. 
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erification 


Verify that the prefix 172.16.2.0/24 has been filtered: 


rtrA#show ip bgp 

BGP table version is 22, local router ID is 172.17.1.1 

Status codes: s suppressed, d damped, h history, * valid, > best, 4 - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Metric LocPrf Weight Path 
*> 172.16.0.0/24 thie Us @ 2d, 
*> 172.16.1.0/24 ) 2 

*> 172.16.3.0/24 


Configuration Example 2: Basic Route Filter Using an IP Extended 
s List 


An extended IP access list can be used to match on the incoming prefix and mask. The second 
subnet/mask portion of the extended access list is used to match the mask length. Configure 
an aggregate address on Router B in order to generate a prefix with a 22-bit mask length: 


Router B 

router bgp 2 

network 172.16.0.@ mask 255.255.255.0 
network 172.16.1.0 mask 255.255.255.0 
network 172.16.2.0 mask 255.255.255.0 
network 172.16.3.0 mask 255.255.255.0 


neighbor 10.1.1.1 remote-as 1 


Verify that the aggregate address is being advertised to Router A: 


rtrA#show ip bgp 

BGP table version is 10, local router ID is 192.16.2.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Metric LocPrf Weigh 
*> 172,.16.0.0/24 Sit ) 
“> 172.16.0.0/22 


172.16.2.0/24 
172.16.3.0/24 


t 
8 
i] 
172.16.1,0/24 hete ® 
® 
® 
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Now add the route map on Router A to filter the aggregate prefix 172.16.0.0/22:_ 


Router A 
router bgp 1 
neighbor 10.1.1.2 remote-as 2 


Verification 
Verify that the 172.16.0.0/22 prefix has been filtered on Router A: 


rtrAgshow ip bgp 

BGP table version is 5, local router ID is 192.16.2.1 
Status codes: s suppressed, d damped, h history, * valid, > best, i - intern 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
*> 172.16.0.0/24 10.1.1.2 @ @2i 
*> 172.16.1.0/24 10.1.1.2 Q i 
*> 172.16.2.8/24 18.1.1.2 8 

172.16.3.0/24 10.1.1.2 e 


Configuration Example 3: Basic BGP Attribute Manipulation 


Assume that we do not want to block any routes received from a neighbor but 
adjust one or more BGP attributes. For this example, we will set the weight of alll 
received from Router B to 90 using a route map, Because we will apply this poli€ 


updates from Router B, we do not need a match clause, only a set clause, as ShOWE 
following configuration for Router A: ' 


Router A 
router bgp 1 
neighbor 18.1.1.2 remote-as 2 


The command neighbor ip-address weight (see section 8-35) would have accom 
the same objective. 
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Jerification 
Verify that the weight of all routes received from Router B has been set to 90: 


rtrA#show ip bgp 

BGP table version is 6, local router ID is 192.16.2.41 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Ho Metric LocPrf Weight Path 
*> 172.16.0.0/24 10.1.1. ® 
*> 172.16.1.0/24 10.1.1. 

172.16.2.0/24 10.1.1. 
ate 


@ 
i) 
172.16.3.0/24 10.1 a 


Configuration Example 4: Selective BGP Attribute Manipulation 


In the preceding example, we set the weight of all routes learned from Router B to 90. In 
this example, we will set the weight of 172.16.2.0 to 90 and the rest of the weights to 45. 
This demonstrates the flexibility of using a route map. Modify the configuration on Route 
A to the following: 

Router A 


router bgp 1 
neighbor 1@.1.1.2 remote-as 2 


ae ° 
aro - = , = 


The second stanza of the route map is the default case. If we had not used a second route 
map stanza, all routes that did not match IP address | would have been blocked. Therefore, 
it is extremely important that you configure a default route map stanza if needed. 


erification 
Verify the new weight settings on Router A: 


rtrA#show ip bgp 
BGP table version is 6, local router ID is 192.16.2.1 


Status codes: s suppressed, d damped, h history, “* valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


continues 
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Configuration Example 5: Filter Based on AS Path Information 


Verification 


(Continued) 

Network Next Hop Metric LocPrf Weight Path 
*> 172.16.0.0/24 10.1.1.2 1) 452i 
*> 172.16.1.0/24 10,1,1.2 ) 45 24 
*> 172.16.2.0/24 10.1.1.2 i) 90 2 i 
"> 172.16.3.0/24 10.1.1.2 1) 452i 


The previous examples have made filtering decisions based on the route/prefix i 
in the neighbor updates. In this example, we will see how to filter routes based 
AS PATH attribute. All the routes from Router B have the same AS path inform 
this example demonstrates the required route map syntax. Again, the objective is: 
weight of the routes learned from Router B to 90, but the decision will be based 
path information. The decision is to set the weights only on routes originating 
directly connected BGP neighbor. For this case, the AS path to match is 


<beginning of string>AS number<end of string> 
The required regular expression is *2$, as shown in the following configuration for Ro 


Router A 
router bgp 1 
neighbor 10.1.1.2 remote-as 2 


Without the second route map stanza, all routes not matching AS path *2$ would bed 
This might or might not be the result you intended. 


Verify the weight settings on Router A: 


rtrA#show ip bgp 
BGP table version is 6, local router ID is 192.16.2.1 d 
Status codes: s suppressed, d damped, nh history, * valid, > best, i - inter 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
*> 172.16.0.0/24 10.1.1.2 t) 98 2 i 
*> 172.16.1.0/24 10.1.1.2 @ 90 2i 
*> 172.16.2.0/24 10.1.1.2 ® 90 2i 
172.16.3.0/24 10.1.1.2 i) 99 2i 
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foubleshooting : 
1 Verify that the BGP neighbors are in the Established state using the show ip bgp 
neighbors command. 


If the neighbor relationship is not in the Established state, see section 8-23. 


2 Verify that the input route map is being used with the BGP neighbor using the show 
ip bgp neighbors command: 


rtrA#sh ip bgp n 
BGP neighbor is 10.1.1.2, remote AS 2, external link 
Index 1, Offset @, Mask @x2 
BGP version 4, remote router ID 172.16.3.1 
BGP state = Established, table version = 5, up for 00:02:51 
Last read 00:00:52, hold time is 180, keepalive interval is 60 seconds 
Minimum time between advertisement runs is 30 seconds 
Received 19097 messages, ® notifications, ® in queue 
Sent 19028 messages, @ notifications, @ in queue 
Prefix advertised 6, suppressed ®, withdrawn 2 


Connections established 38; dropped 37 
Last reset 00:03:22, due to User reset 
4 accepted prefixes consume 128 bytes 
® history paths consume @ bytes 
Connection state is ESTAB, I/0 status: 1, unread input bytes: @ 
Local host: 10.1.1.1, Local port: 11076 
Foreign host: 10.1.1.2, Foreign port: 179 
Enqueued packets for retransmit: 0, input: ® mis-ordered: @ (® bytes) 


3 Verify that the correct neighbor address is being used with the neighbor ip-address 
route-map route-map-name in command. 


4 Verify that you are using the correct route map name. 
5 Verify the logic of your route map (see Appendix C). 


6 You can view the route map using the show route-map route-map-name command: 


rtrA#show route-map filter 
route-map fiiter, permit, sequence 10 
Match clauses; 
ip address (access-lists): 1 
Set clauses: 
weight 90 


Policy routing matches: @ packets, @ bytes 
route-map filter, permit, sequence 20 
Match clauses: 


Set clauses: 
weight 45 
Policy routing matches: @ packets, ® bytes 
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8-26: neighbor {/p-address | peer-group-name} routes-r 
route-map-name out 
Syntax Description: 
© = ip-address—Neighbor’s IP address. 
© = peer-group-name—Name of the peer group. See section 8-19. 


° — route-map-name—Name of the route map used for outgoing updates to a gp 
neighbor or peer group. 3 


Purpose: A route map is an extremely powerful tool for route filtering and BGP att 
manipulation. Appendix C contains a complete discussion of route map logic. In th 
section, we will examine common uses of a route map for route filtering and BGP a 
manipulation. 


Cisco IOS Software Release: 10.0. Peer group support was added in Release 11.0, 


Configuration Example 1: Basic Route Filter Using an IP Stand 

Access List 
The configuration shown in Figure 8-26 will be used for each route map exam ple it 
section. 


Figure 8-26 Configuration Used to Demonstrate the Use of an Output Route Map 


Output route map ~<—— BGP route update 


172,16.2.0/24 
172.16.3.0/24 


Router A 

router bgp 1 

neighbor 10.1.1.2 remote-as 2 
Router B 

interface loopback @ 

ip address 172.16.0.1 255.255.255.0 
! 

interface loopback 1 

ip address 172.16.1.1 255.255.255.0 
! 

interface loopback 2 

ip address 172.16.2.1 255.255.255.060 
! 
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(Continued) 

interface loopback 3 

ip address 172.16.3.1 255.255.255.0 

! 

router bgp 2 

neighbor 10.1.1.1 remote-as 1 

network 172.16.0.0 mask 255.255.255.0 
network 172.16.1.0 mask 255.255.255.0 
network 172.16.2.0 mask 255.255.255.0 
network 172.16.3.0 mask 255.255.255.0 


Before looking at the first route map example, verify that Router A is receiving the four 
172.16 prefixes from Router B: 


rtrA#show ip bgp 

BGP table version is 5, local router ID is 172.17.1.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Metric LocPrf Weight 
172.16.0.0/24 chistes v1) 
172.16.1.0/24 Feo Ss ® 
172.16.2.0/24 Be a ee ® 
172.16.3.0/24 ® 


th 


Pa 
@2i 
O2i 
@2i 
@2i 


We want to use an output route map on Router B to block network 172.16.1.0/24. We could 
use a neighbor distribute list (see section 8-7) or prefix list (see section 8-21) to accomplish 
this task, but because this section concerns route maps, we might as well use one. Configure 
the following route map on Router B: 

Router B 


router bgp 2 
neighbor 10.1.1.1 remote-as 1 


Whenever you change a policy with a neighbor, you need to restart the BGP session by 
using clear ip bgp * or clear ip bgp neighbor-address. For this example, use clear ip bgp 
10.1.1.1 on Router B. 


Because we are either denying or permitting a route, we do not need any set commands in 
the route map. Each route or prefix advertised to Router A will be processed by the output 
route map with a name filter. The result of a route map is to either permit or deny an action. 
The action in this example is to permit routes to be advertised to a BGP neighbor. 
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Verification 
Verify that the prefix 172.16.1.0/24 has been filtered: 


rrtA#show ip bgp 
BGP table version is 22, local router ID is 172.17.1.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - in 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next 


H Metric LocPrf Weight Path 
*> 172.16.0.0/24 10.1.1. 

1 

1 


*> 172.16.2.0/24 10,1,14. 
*> 172.16.3.0/24 


Configuration Example 2: Manipulate AS Path Information 


A route map will be used on Router B to adjust the AS path information sent t 
Normally, Router B would append only its AS number to the updates sent to R 
this example, we will prepend an additional AS number to the routes. The route 
required to accomplish this is shown in the following configuration: 


Router B 
router bgp 2 
neighbor 10.1.1.1 remote-as 1 


Verification 


Verify that the routes received by Router A have the AS number 6 prepended to the Ai 
information: 


rtrAéshow ip bgp 
BGP table version is 17, local router ID is 192.16.2.4 
Status codes: s suppressed, d damped, h history, * valid, > best, i - inter 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
*> 172.16.8.0/24 10.1.1.2 0) @26 
*> 172.16.1.0/24 10.1.1.2 i) 626 
*> 172.16.2.0/24 10.1.1.2 Q @26 

172.16.3.0/24 10.1.1.2 3) @26 
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configuration Example 3: Append AS Information to Selected. 
Routes 
| In the preceding example, the AS number 6 was prepended to all routes advertised by 
Router B. In this example, we want to prepend this AS number only to the route 172.16.2.0/ 
24. This requires a match condition in the route map, as shown in the following 
configuration: 

Router B 


router bgp 2 
neighbor 10.1.1.1 remote-as 1 


! 
access-list 1 permit 172.16.2.0 0.0.0.255 


J The route-map filter permit 20 statement is the default case. Without it, routes not 
matching access list | would be denied. 


Verification 

Verify that the AS number 6 has been applied to only the 172.16.2.0/24 prefix: 
rtrA#show ip bgp 
BGP table version is 28, local router ID is 192.16.2,1 


Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
*> 172.16.0.0/24 BG) Pee v1) @2i 
*> 172,16.1.0/24 Se @2i 


*> 172.16.3.0/24 10.1.1.2 


172.16.0.0/2 


-3.0/24 to 1, 2, 3. and 4, respectively: 
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Verification 


router bgp 2 
network 172.16.0.0 mask 255.255.255.0 
network 172.16.1.@ mask 255.255.255.0 
network 172.16.2.8 mask 255.255.255.0 
network 172.16.3.0 mask 255.255.255.0@ 


neighbor 10.1.1.1 route-map filter out 
! 

access-list 1 permit 172.16.0.@ 0.0.0.255 
access-list 2 permit 172.16.1.® 0.0.9.255 
access-list 3 permit 172.16.2.0 0.0.0.255 
access-list 4 permit 172.16.3.@ 0.0.0.255 
! 

route-map filter permit 10 

match ip address 1 

set community 1 

! 

route-map filter permit 20 

match ip address 2 

set community 2 

5 

route-map filter permit 30 

match ip address 3 

set community 3 

! 

route-map filter permit 40 

match ip address 4 

set community 4 

! 

route-map filter permit 5 


Don’t forget to use the neighbor send-community command. Without it, the com 
values we are setting will not be advertised. The last stanza in the route map is 
case. We will pass all routes unmodified that don’t match the first four route map st 


Verify the new community settings on Router A: 


rtrA#show ip bgp community 1 

BGP table version is 5@, local router ID is 192.16.2.1 owe 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 

Origin codes: i - IGP, e - EGP, ? - incomplete o 
Network Next Hop Metric LocPrf Weight Path 

*> 172.16.0.0/24 10.1.1.2 4) @2t 


rtrA#show ip bgp community 2 

BGP table version is 5@, local router ID is 192.16.2.1 -. 
Status codes: s suppressed, d damped, h history, * valid, > best, i - intern 
Origin codes: i - IGP, e - EGP, ? - incomplete 
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(Continued) 
Network Next Hop Metric LocPrf Weight Path 
*> 172.16.1.0/24 10.1.1.2 a @21 


rtrA#show ip bgp community 3 

BGP table version is 50, local router ID is 192.16.2.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
*> 172.16.2.0/24 IO.t0452 v4) @2T1 


rtrA#show ip bgp community 4 

BGP table version is 50, local router ID is 192.16.2.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, 7? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
*> 172.16.3.0/24 10.1.1.2 ) @21 


ubleshooting 


1 Verify that the BGP neighbors are in the Established state using the show ip bgp 
neighbors command. 


If the neighbor relationship is not in the Established state, see section 8-23. 


2 Verify that the input route map is being used with the BGP neighbor using the show 
ip bgp neighbors command: 


rtrB#show ip bgp n 
BGP neighbor is 10.1.1.1, remote AS 1, external link 

Index 1, Offset @, Mask 0x2 

Community attribute sent to this neighbor 

BGP version 4, remote router ID 192.16.2.1 

BGP state = Established, table version = 6, up for 00:04:28 

Last read 00:00:27, hold time is 180, keepalive interval is 60 seconds 

Minimum time between advertisement runs is 30 seconds 

Received 19132 messages, 3 notifications, @ in queue 

Sent 19248 messages, @ notifications, ® in queue 
Prefix advertised 231, suppressed 0, withdrawn 2 


= S esta S IS Goropped 46 
Last reset 00:04:58, due to User rese 
® accepted prefixes consume ® bytes 

® history paths consume ® bytes 
Connection state is ESTAB, I/O status: 1, unread input bytes: 0 
Local host: 10.1.1.2, Local port: 11068 
Foreign host: 10.1.1.1, Foreign port: 179 
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3 Verify that the correct neighbor address is being used with the neighbor jp-g 
route-map roule-map-name in command. “a 


4 Verify that you are using the correct route map name. 
5 Verify the logic of your route map (see Appendix C). 
6 You can view the route map using the command show route-map route-map 


rtrBeshow route-map filter 
route-map filter, permit, sequence 10 
Match clauses: 
ip address (access-lists): 1 
Set clauses: 
community 1 
Policy routing matches: @ packets, ® bytes 
route-map filter, permit, sequence 20 
Match clauses: 
ip address (access-lists): 2 
Set clauses: 
community 2 
Policy routing matches: 0 packets, ® bytes 
route-map filter, permit, sequence 30 
Match clauses: 
ip address (access-lists): 3 
Set clauses: 
community 3 
Policy routing matches: ® packets, @ bytes 
route-map filter, permit, sequence 40 
Match clauses: 
ip address (access-lists): 4 
Set clauses: 
community 4 
Policy routing matches: ® packets, 0 bytes 
route-map filtert, permit, sequence 50 
Match clauses: 


Set clauses: 
Policy routing matches: ® packets, @ bytes = 


8-27: neighbor {ip-address | peer-group-name} route 
reflector-client 
Syntax Description: 
© = ip-address—Neighbor’s IP address. 
© = peer-group-name—Name of the peer group. See section 8-19. 


Purpose: IBGP neighbors do not propagate routing information learned from on 
neighbor to another IBGP neighbor. Therefore, if you are running IBGP, ever 
speaker must have a connection to every other IBGP speaker in the AS. This bee 


for 2 to 10 IBGP speakers. 


IBGP Connections Needed for a Full Mesh 


rable 8-1 
| Number of IBGP Speakers Number of Connections 


a 
foe alle 
| 


Configuration Example 1: Single Route Reflector 


8-27: neighbor {ip-address | peer-group-name} route-reflector-client 


scaling problem as the number of IBGP speakers increases. The number of IBGP. 
connections for m speakers is (11(—1))/2. Table 8-1 lists the number of connections needed 


A route reflector is one technique to overcome the scaling issue with IBGP. One or more 
routers serve as a route reflector, and other routers are clients to the route reflector. Route 
reflectors reflect routes learned from a route reflector client to the other clients. With one 
route reflector, the number of logical connections needed for n IBGP speakers is n—1. 


Cisco IOS Software Release: 10.0. Peer group support was added in Release 11.0. 


Assume that the network in Figure 8-27 requires IBGP for the exchange of routing 
information. Without a route reflector, we would need three BGP neighbor connections. We 
can reduce the number of BGP connections to two by using a single route reflector. 
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Figure 8-27 Route Reflector 


Client 


loopback 0 
172.16.1.1/32 


loopback 6 
172.16.1.2/32 


10.1.1.4 10,1.2.2 


Pom eae 


Router A 
interface Loopback® 
ip address 172.16.1.1 255.255.255.255 
! 
interface Ethernet® 
ip address 172.17.1.1 255.255.255.6 
! 
interface Serialdé 
ip address 10.1.1.1 255.255.255.252 
! 
router ospf 1 


network 10.0,.0.0 @.255.255.255 area ® 
network 172.16.0.0 @.0.255.255 area ® 
network 172.17,0.8 @.0.255.255 area @ 


! 

router bgp 1 

neighbor 172.16.1.3 remote-as 1 
neighbor 172.16.1.3 update-source Loopback® 
Router 6 

interface Loopback? 

ip address 172.16.1.3 255.255.255.0 
| 

interface Seriald 

ip address 10.1.1.2 255.255.255.252 
clockrate 64000 


. 
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(Continued) 
interface Seriali 

ip address 10.1.2.1 255.255.255.252 
clockrate 64000 

! 
router ospf 1 

network 10.0.0.0 @.255.255.255 area @ 
network 172.16.0.0 @.0.255.255 area @ 
! 


router bgp 1 yal 
neighbor 172.16.1.1 remote-as 1 on 


pighbor 172.16.1.1 update-source Loopback® 


neighbor 17 5 mn 
neighbor 172.16.1.2 update-source Loopback® 


interface Loopback® 

ip address 172.16.1.2 255.255.255.255 
1 

interface Ethernet@ 

ip address 172.17.1.2 255.255.255.080 

! 

interface Serial@ 

ip address 10.1.2.2 255.255.255.252 

! 
router ospf 1 

network 10.0.0.0 @.255.255.255 area @ 
network 172.16.0.@ 0.0.255.255 area 0 
network 172.17.0.0 0.0.255.255 area @ 
! 
router bgp 1 

neighbor 172.16.1.3 remote-as 1 
neighbor 172.16.1.3 update-source Loopback® 


Notice that only the route reflector needs additional configuration. Loopback addresses 
were used in this configuration. See section 8-33 for a discussion of IBGP and loopback 
addresses. 


let ification 


Verify that the IBGP sessions are being established with the route reflector by examining 
the IBGP neighbors on Router B: 


rtrBe 
BGP neighbor is 172.16.1.1, remote AS 1, internal link 
Index 1, Offset @, Mask Qx2 


BGP version 4, remote router ID 172.16.1.1 
BGP state = Established, table version = 3, up for 00:28:24 
Last read 00:00:26, hold time is 180, keepalive interval is 60 seconds 


continues 
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(Continued) 
Minimum time between advertisement runs is 5 seconds 
Received 31 messages, ® notifications, ® in queue 
Sent 31 messages, ® notifications, ® in queue 
Prefix advertised ®, suppressed ®, withdrawn 0 
Connections established 1; dropped 0 
Last reset 00:28:34, due to RR client config change 
@ accepted prefixes consume @ bytes 
® history paths consume @ bytes 
Connection state is ESTAB, 1/0 status: 1, unread input bytes: @ 
Local host: 172.16.1.3, Local port: 11026 
Foreign host: 172.16.1.1, Foreign port: 179 


BGP neighbor is 172.16.1.2, remote AS 1, internal link 
Index 2, Offset @, Mask @x4 


BGP version 4, remote router ID 172.16.1.2 
BGP state = Established, table version = 3, up for 00:28:21 
Last read 00:00:22, hold time is 180, keepalive interval is 60 seconds 
Minimum time between advertisement runs is 5 seconds 
Received 31 messages, 9 notifications, @ in queue 
Sent 31 messages, @ notifications, ® in queue 
Prefix advertised 0, suppressed 0, withdrawn 0 
Connections established 1; dropped 0 
Last reset 00:28:33, due to RR client config change 
® accepted prefixes consume @ bytes 
® history paths consume ® bytes 
Connection state is ESTAB, I/O status: 1, unread input bytes: @ 
Local host: 172.16.1.3, Local port: 11027 
Foreign host: 172.16.1.2, Foreign port: 179 


Configuration Example 2: Multiple Route Reflectors 


Multiple route reflectors can be used in an AS to further scale the network. Fig ur é 
nine routers. Three of them—Routers A, D, and H—are acting as route reflector 
A has route reflector clients B and C, Router D has route reflector clients E and 
Router H has route reflector clients I and J. A full IBGP mesh is required be 
A, D, and H, as shown in the following configurations. 
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iqure 8-28 Multiple Route Reflectors 


Client of A 


Router A 
router bgp 1 
neighbor (IP 
neighbor (IP 
neighbor (IP 
neighbor (IP 
neighbor (IP 
neighbor (IP 
Router B 
router bgp 1 


Client of H 


Client of H 


Full IBGP mesh between 
r reflectors 


Client of A 


address 
address 
address 
address 
address 
address 


for Router 
for Router 
for Router 
for Router 
for Router 
for Router 


Client of D 


remote-as 1 
route-reflector-client 
remote-as 1 
route-reflector-client 
remote-as 1 
remote-as 1 


neighbor (IP address for Router A) remote-as 1 


Router 
router bgp 1 


neighbor (IP address for Router A) remote-as 1 


Router D 
router bgp 1 


neighbor (IP address for Router E) remote-as 1 
neighbor (IP address for Router E) route-reflector-client 


continues 
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(Continued) 

neighbor (IP address for Router F) remote-as 1 

neighbor (IP address for Router F) route-reflector-client 
neighbor (IP address for Router A) remote-as 1 

neighbor (IP address for Router H) remote-as 1 


router bgp 1 

neighbor (IP address for Router D) remote-as 1 
Router 

router bgp 1 

nese (IP address for Router D) remote-as 1 


router bgp 1 

neighbor (IP address for Router I) remote-as 1 

neighbor (IP address for Router I) route-reflector-client 
neighbor (IP address for Router J) remote-as 1 

neighbor (IP address for Router J) route-reflector-client 
neighbor (IP address for Router A) remote-as 1 

neighbor (IP address for Router D) remote-as 1 

Router 

router bgp 1 

neighbor (IP address for Router H) remote-as 1 

Router 

router bgp 1 

neighbor (IP address for Router H) remote-as 1 


There are three clusters of routers. The first cluster contains Routers A, B, and: = r 
second cluster contains Routers D, E, and F. The third cluster contains Routers F 
Each cluster is configured with one route reflector and two clients in the same 
Configuration Example 1. The route reflectors need to be configured using a ful 
mesh using normal IBGP connections or a nonclient peer connection. Route ré 
advertise routes based on the following rules: 


® Advertisements received from nonclient peers are reflected to the route reflector 
clients. 
* Advertisements received from client peers then reflect to all nonclient and 
peers (except the one from which the advertisement was received). 


* Advertisements received from EBGP neighbors are reflected to all client ami 
nonclient peers. 


Troubleshooting 
1 Verify that the BGP neighbors are in the Established state using the show iP 

neighbors command. 

If the neighbor relationship is not in the Established state, see section 8-23. F@ 

and loopbacks, see section 8-33. 

2 Verify that clients are actually clients and that nonclients are nonclients Usit 

show ip bgp neighbors command. 
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Syntax Description: 
© = ip-address—Neighbor’s IP address. 


© — peer-group-name—Name of the peer group. See section 8-19. 


: By default, BGP community attributes are not advertised to peers. 


information. Sinations mi ‘ight arise in which you need to apply noHeiss to routes that do not 
have any of the previously mentioned attributes in common. A community value is a 
numerical value or set of values that can be attached to a BGP route. Routing policies can 
then be applied to routes that contain a particular community value or attribute. 


Cisco LOS Software Release: 10.3. The peer-group-name option was added in Release | 1.0. 


Configuration Example: NO-EXPORT Community Value 


route map on Router A, as shown in the following configure For a complete discussion 
of route maps, see Appendix C. 


Figure 8-29 VO-EXPORT Community 


172.16.0.0 
172.16.1.0 no-export 172.16.0.0 
172.16.2.0 172.16.2.0 


172.16.3.0 172.16.3.0 
pee BE ek eS 
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Figure 8-30 NO-ADVERTISE Community 


172.16.0.0 

172.16.1.0 no-advertise 172.16.0.0 

172.16.2.0 172.16.2.0 

172,16.3.0 172.18.3.0 

———___________» 
172.16.0.0/24 
72:16.1.0/24  10.1.1.1 10.1.1.2 a 

AA. 11,2 eer Bie 10.1.2.1 <2 
172.16.2.0/24 Ss Pn : 0122 Pa 
172.16.3.0/24 A a 
AS 65530 
Router A 


router bgp 65530 

network 172.16.0.0 mask 255.255.255.090 
network 172.16.1.0 mask 255.255.255.0 
network 172.16.2.0 mask 255.255.255.0 
network 172.16.3.@ mask 255.255.255.8 
neighbor 1@.1.1.2 remote-as 1 


neighbor 10.1.1.2 route-map setnoexport out 
{ 
access-list 1 permit 172.16.1.0 0.0.0.255 
t 
route-map setnoexport permit 10 
match ip address 1 


route-map setnoexport permit 26 * 


Houter 8B 

router bgp 1 

neighbor 10.1.1.1 remote-as 65530 
neighbor 10.1.2.2 remote-as 2 


router bgp 2 
neighbor 10.1.2.1 remote-as 1 


For this configuration, Router B should receive the four 172.16 prefixes from Rou 
Because the 172.16.1.0 prefix has the NO_EXPORT community value, Router 
advertise this route to Router C. 


Verify the effect of the NO_EXPORT community value by checking the BGP tab 
Routers B and C: 
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rtrB#show ip bgp 

BGP table version is 41, local router ID is 10.1.1.2 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Metric LocPrf Weight Path 
172.16.0.0/24 34a ’) @ 65530 i 
172.16.1.0/24 a eh i) @ 65530 i 
172.16.2.0/24 =F 19) ® ® 65530 i 
172.16.3.0/24 ) @ 65530 i 

rtrceshow ip bgp 

BGP table version is 41, local router ID is 10.1.2.2 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 

Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Metric LocPrf Weight Path 
*> 172.16.0.0/24 mt ®@ 1 65530 i 
*> 172.16.2.0/24 Py fev @ 1 65530 i 
*> 172.16.3.0/24 a he 2 @ 1 65530 i 


The community values of routes can be checked using the show ip bgp community command: 


rtrB#show ip bgp community no-export 

BGP table version is 41, local router ID is 10,1.1.2 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
*> 172.16.1.0/24 10.1.1.1 1) @ 65530 i 


ubleshooting 


1 Verify that the BGP neighbors are in the Established state using the show ip bgp 
neighbors command. 


If the neighbor relationship is not in the Established state, see section 8-23. 
2 Verify that you have configured the neighbor send-community command. 


3 Check the syntax of the route map used to set the community attribute. 


4 Use the command show ip bgp community community-value in order to verify that 
the community value has been set and received. 


29: neighbor {/p-address | peer-group-name} shutdown 


Syntax Description: 
© — ip-address—Neighbor's IP address. 
e 


peer-group-name—Name of the peer group. See section 8-19. 
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Purpose: Prior to Cisco IOS Software Release 12.0, the only way you could s shut ¢ 
BGP neighbor was to remove the neighbor configuration using no neighbor jp a 
remote-as as-number. This was an inconvenience, because all configuration staten 
associated with the neighbor were also deleted. 


Cisco IOS Software Release: |2.0 


Configuration Example: Administratively Shutting Down a BG 
Session 


The following configuration administratively shuts down the BGP session. To re 2er 
session, use the no form of the command: 


router bgp 1 P . 
neighbor 10.1.1.2 remote-as 1 


Verification | 
Use the show ip bgp neighbors command to verify that the neighbor has been shu 


rtrA#show ip bgp neighbors 
BGP neighbor is 10.1.1.2, remote AS 1, internal link 


Index 1, Offset 0, Mask @x2 
BGP version 4, remote router ID 0.0.0.0 
BGP state = Idle, table version = 0 q 
Last read @0:00:15, hold time is 180, keepalive interval is 6@ seconds” 
Minimum time between advertisement runs is 5 seconds 
Received 259 messages, @ notifications, @ in queue 
Sent 257 messages, @ notifications, ® in queue 
Prefix advertised 0, suppressed ®, withdrawn 0 
Connections established 5; dropped 5 


Troubleshooting 


This is the one time that the neighbors should not be in the Established state. If they 
only error can be in the IP address used with the shutdown command. 
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30: neighbor {ip-address | peer-group-name} soft- - 
reconfiguration inbound 
Syntax Description: 
© = ip-address—Neighbor’s IP address, 
© = peer-group-name—Name of the peer group. See section 8-19, 


Purpose: If you have a policy configured with a BGP neighbor, such as a route map or 


distribute list, and 


egardless of the inbound policy, Be aware that using inbound 


solic uses more memory than not using inbound soft reconfiguration. pas 


Cisco LOS Software Release: | |.2 


Configuration Example: Setting Inbound Soft Reconfiguration with 
a Specific Neighbor 


To configure inbound soft reconfiguration with a specific neighbor, use the following 
configuration as a guide: 


router bgp 2 
neighbor 1@.1.1.2 remote-as 1 
neighbor 10.1.1.2 soft-reconfiguration inbound 


Verification 
Use the show ip bgp neighbors command to verify that soft reconfiguration has been enabled: 


router# 
BGP neighbor is 16.1.1.2, remote AS 1, external link 
Index 1, Offset ®, Mask @x2 


BGP version 4, remote router ID 172.16.1.1 
BGP state = Established, table version = 6, up for 00:00:33 
Last read 00:00:33, hold time is 180, keepalive interval is 6@ seconds 


Minimum time between advertisement runs is 30 seconds 
Received 52 messages, @ notifications, ® in queue 
Sent 58 messages, ® notifications, ® in queue 
Connections established 5; dropped 4 
Connection state is ESTAB, I/0 status: 1, unread input bytes: 0 
Local host: 10.1.1.1, Local port: 11456 
Foreign host: 10.1.1.2, Foreign port: 179 
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Troubleshooting 


1 Verify that the BGP neighbors are in the Established state using the show ip 
neighbors command. 


If the neighbor relationship is not in the Established state, see section 8-23, | 


2 Verify that soft reconfiguration inbound has been enabled by using show ig ip be 
neighbors. 


3 If the session is established and soft reconfiguration has not been enabled, che 
' neighbor's IP address in the neighbor ip-address soft-reconfiguration inbor 
command. id 


, J 
8-31: neighbor {ip-address | peer-group-name} timers 
keepalive holdtime 
Syntax Description: 
© = ip-address—Neighbor's IP address. 


° —peer-group-name—Name of the peer group. See section 8-19. 
oO 
+t 
° 
Purpose: Keepalive and holdtime are common among IP routing protocols. The ket 
time indicates how often a router sends a keepalive message to a neighbor to info 
neighbor that the router is still alive and well. The holdtime is used as a deathwatel 
keepalive message is not received within the holdtime, the neighbor is declared de 
the session is terminated. The default value for the keepalive time is 60 seconds. E 
holdtime is 3 times the keepalive time, or 180 seconds. Generally, these values don 
to be changed. If you do change them, it is a good rule to make the holdtime equal (0 
whatever keepalive value you use. Of course, the holdtime should always be g 
the keepalive time. A good practice to follow is to configure the same keepalive 
holdtimes on both sides of the link. 


Cisco IOS Software Release: |2.0 


Configuration Example: Changing the Keepalive and Holdti 
Change the default settings for keepalive and holdtime to 50 and 150 seconds, ce 


Router A 
router bgp 1 


neighbor 10.1.1.2 remote- 
neighbor 18.1.1.2 


no auto-summary 
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Verification 
Verify the new keepalive and holdtime values by using the show ip bgp neighbors 
command: 


rtrA#show ip bgp neighbors 
BGP neighbor is 10.1.1.2, remote AS 2, external link 
Index 1, Offset @, Mask @x2 
BGP version 4, remote router ID 10.1.1.2 
BGP state = Established, table version = 7, up for 00:53:07 


Minimum time between advertisement runs is 3@ seconds 
Received 375 messages, 0 notifications, @ in queue 
Sent 343 messages, ® notifications, 0 in queue 
Prefix advertised @, suppressed @, withdrawn @ 
Connections established 20; dropped 19 
Last reset 00:53:28, due to User reset 
6 accepted prefixes consume 192 bytes, maximum limit 8 
Threshold for warning message 75% 
@ history paths consume @ bytes 
Connection state is ESTAB, I/0 status: 1, unread input bytes: 0 
Local host: 10.1.1.1, Local port: 11015 
Foreign host: 10.1.1.2, Foreign port: 179 


Troubleshooting 


1 Verify that the BGP neighbors are in the Established state using the show ip bgp 
neighbors command. 


If the neighbor relationship is not in the Established state, see section 8-23. 
2 Verify the keepalive and holdtime values using show ip bgp neighbors. 


-32: neighbor {ip-address | peer-group-name} 
iNSuppress-map route-map-name 


Syntax Description: 
© — ip-address—Neighbor’s IP address. 
e 


peer-group-name—Name of the peer group. See section 8-19. 
* — route-map-name—Name of the route map used to select routes to be unsuppressed. 


the more-specific routes 0 suppressed (see section 


Cisco IOS Software Release: 10.0. Peer group support was added in Release 11.0. 
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Configuration Example: Selectively Advertising Routes with ar 
Unsuppress Map | 


In Figure 8-31, Router A is advertising four prefixes to Router B. Router B agg: 
prefixes and advertises only the summary while suppressing the four specific 
will be used as the initial configuration so that we can inspect the BGP tables f 
B and C. The unsuppress map is then added to Router B’s configuration, 


Figure 8-31 Globally Suppressed Routes Can Be Selectively Unsuppressed on a Per-Neighbor Basis 


172.16.0.0/24 suppressed 
172.16.0.0/24 172.16.1.0/24 suppressed 
172.16.1.0/24 172.16.2.0/24 unsuppressed 
172.16.2.0/24 172.16.3.0/24 suppressed 
172:16.3.0/24 172.16.0.0/16 


172.16.0.0/24 
172.16.1.0/24 


172.16.2.0/24 
172.16.3.0/24 


AS2 


Router A 
interface Loopback® 

ip address 172.16.0.1 255.255.255.0 
i 

interface Loopback1 

ip address 172.16.1.1 255.255.255.0 
! 

interface Loopback2 Lt. 
ip address 172.16.2.1 255.255.255.0 

! 
interface Loopback3 

ip address 172.16.3.1 255.255.255.0 

! 

interface Loopback4 

ip address 200.200,.202.3 255.255.255.0 
! 
router bgp 65538 

network 172.16.0.8 mask 255.255.255.909 
network 172.16.1.@ mask 255.255.255.0 
network 172.16.2.@ mask 255.255.255.0 
network 172.16.3.@ mask 255.255.255.0 
neighbor 10.1.1.2 remote-as 1 
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(Continued) 
Router & 
router bgp 1 

aggregate-address 172.16.0.0 255.255.0.0 summary-only 
neighbor 10.1.1.1 remote-as 65530 

neighbor 10.1.2.2 remote-as 2 


router bgp 2 
neighbor 10.1.2.1 remote-as 1 


Before proceeding to the unsuppress map, check the BGP tables on Routers B and C: 


rtrB#show ip bgp 

BGP table version is 42, local router ID is 172.16.1.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
172.16.0.0/24 10.1.1.1 @ @ 65530 i 
-16.0.0 0.0.0.0 32768 i 
-16.1.0/24 10.1.1.1 @ @ 65530 i 
-16.2.0/24 106159;51 1) @ 6553@ i 
-16.3.0/24 10.4). Fit @ @ 65530 i 
ow ip bgp 
BGP table version is 10, local router ID is 156.26.32.1 
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
*> 172.16.0.0 10.1.2.1 ie 5 


As you can see, Router B is suppressing the more-specific routes. Next, we want to 
unsuppress prefix 172.16.2.0 on Router B and allow this route to be advertised to Router C: 


Router 8B 

router bgp 1 

aggregate-address 172.16.0.0 255.255.0.@ summary-only 
neighbor 10.1.1.1 remote-as 65530 

neighbor 10.1.2.2 remote-as 2 


| 

access-list 1 permit 172.16.2.@0 0.0.0.255 
route-map allow permit 10 

match ip address 1 
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Verification 
There should be no change to Router B's BGP table: 


rtrB#sh ip bgp 

BGP table version is 10, local router ID is 172.16.1.1 
Status codes: s suppressed, d damped, h history, * valid, > best, i - interpy 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
s> 172.16.0.0/24 10.1.1.1 ® ® 65530 i 
=> 172.16.0.0 0.0.0.0 32768 i 
s> 172.16.1.0/24 10.1.1.1 ) @ 65530 i 
s> 172,16.2,0/24 10.7.1.1 i) @ 65530 1 
s> 172.16.3.0/24 10.1.1.1 i) @ 65530 i 


RtrC#sh ip bap 

BGP table version is 14, local router ID is 156.26.32.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
*> 172.16.0.0 10.1.2.1 @ii 
Troubleshooting 


1 Verify that the BGP neighbors are in the Established state using the show ip 
neighbors command. 
If the neighbor relationship is not in the Established state, see section 8-23, 


2 Check to see that the route you want to unsuppress is actually being suppres 
executing the show ip bgp command. 


3 The route map should permit only routes that are to be unsuppressed. Chee 
syntax. 


4 Check the syntax of your access list. 


8-33: neighbor {ip-address | peer-group-name} updé 
source interface-name 
Syntax Description: 
© = ip-address—Neighbor’s IP address. 


© — peer-group-name—Name of the peer group. See section 8-19. 
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° — interface-name—Any physical or logical router interface. Usually, a loopback 
interface is used. 


GP connection can occur as long as there is a TCP/IP path between the 


Cisco IOS Software Release: 10.0. Peer group support was added in Release | 1.0. 


Configuration Example: Using a Loopback Interface for Network 
Stability 
In Figure 8-32, we want to establish an IBGP session between Routers A and C. From 
Router A’s point of view, we can use one of two addresses in the neighbor command, 
172.17.1,2 or 10.1.2.2. From Router C’s perspective, either address 172.17.1.1 or 10.1.1.1 
can be used to form a neighbor relationship with Router A. The following configurations 
show these options: 
Router A 
router bgp 1 
neighbor 172.17.1.2 remote-as 1 


or 
neighbor 10.1.2.2 remote-as 1 


neighbor 172.17.1.1 remote-as 1 
or 
neighbor 1@.1.1.1 remote-as 1 


are using F, the Ethernet network is the shortest path between Routers A 
and C. The IP routing table c on Router A contains a route to the loopback on Router C via 
the Ethernet network. If the Ethernet network goes down, OSPF converges and installs the 
path through Router B into the routing table. IBGP packets now take this route, and the 


IBGP session is maintained. 


the session remains established ong as a path between the loopback addresses exists. if 
only one path exists between the IBGP speakers, using loopback addresses does not provide 
additional stability. 
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Figure 8-32 When Multiple Paths Exist Between IBGP Peers, Using a Loopback Interface as the Source A 


Stability to the Design 


Client 


Joopback 0 
172.16.1.1/32 


Router A 
interface Loopback® 

ip address 172.16.1.1 255.255.255.255 
1 

interface Ethernet® 

ip address 172.17.1.1 255.255.255.0 

t 

interface Seriald 

ip address 10.1.1.1 255.255,255,252 

! 

router ospf 1 

network 10.0.0.6 @.255.255.255 area @ 
network 172.16.0.0 @.0.255.255 area @ 
network 172.17.@.@ 0.0.255.255 area @ 
! 

router bgp 1 

neighbor 172.16.1.3 remote-as 1 


Router B 

interface Loopback® 

ip address 172.16.1.3 255.255.255.0 
H 
interface Serial® 

ip address 10.1.1.2 255.255.255.252 
clockrate 64000 

! 


neighbor 172.16.1.3 update-source Loopback® 
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(Continued) 
interface Serial 

ip address 10.1.2.1 255.255.255.252 
clockrate 64000 

! 

router ospf 1 

network 18.0.0.@ 0.255.255.255 area 0 
network 172.16.0.0 0.0.255.255 area @ 


interface Loopback® 

ip address 172.16.1.2 255.255.255.255 
! 

interface Ethernet® 

ip address 172.17.1.2 255.255.255.0 

! 

interface Serial® 

ip address 10.1.2.2 255.255.255.252 

! 

router ospf 1 

network 10.0.0.0 0,255.255.255 area @ 
network 172.16.0.0 0.0.255.255 area 0 
network 172.17.0.@ 0.@.255.255 area 0 
I 

router bgp 1 

neighbor 172,.16.1.3,remote-as 1 
neighbor 172.16.1.3 update-source Loopback® 


erification 


Verify that the IBGP session is being established by examining the IBGP neighbors on 
Router A: 


rtiraA# 

BGP neighbor is 172.16.1.3, remote AS 1, internal link 
Index 1, Offset @, Mask 0x2 

BGP version 4, remote router ID 172.16.1.1 


Last read @@:00:26, hold time is 180, keepalive interval is 6@ seconds 
Minimum time between advertisement runs is 5 seconds 
Received 31 messages, @ notifications, ® in queue 
Sent 31 messages, @ notifications, ® in queue 
Prefix advertised @, suppressed 8, withdrawn @ 
Connections established 1; dropped 0 
Last reset 00:28:34, due to RR client config change 
@ accepted prefixes consume @ bytes 
® history paths consume @ bytes 
Connection state is ESTAB, I/O status: 1, unread input bytes: 0 
Local host: 172.16.1.3, Local port: 11026 
Foreign host: 172.16.1.1, Foreign port: 179 
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Troubleshooting 
1 Ensure that the loopback address for the neighbor is in the IP routing table, 


2 Each neighbor should be able to ping the other neighbor's loopback address, 
pings are successful, the routers can form an IBGP connection using the loopk 
interface. 1 


3 Verify the neighbor’s IP address and remote AS number in the BGP confi 


8-34: neighbor {ip-address | peer-group-name} versic 
version-number 
Syntax Description: 
© = ip-address—Neighbor's IP address. 
© = peer-group-name—Name of the peer group. See section 8-19. 
® — version-number—2, 3, or 4. 


Purpose: Currently, the default BGP version number is 4. Cisco’s implementation © 
begins using version 4 and negotiates down to version 2. If you do not want to for 
neighbor connection with a router that is not running version 4, you can lock down 
version number using this command. 


Cisco 10S Software Release: 10.0. Peer group support was added in Release 11.0 
Configuration Example: Locking Down the Neighbor BGP Vers 


The following configuration locks down the version number with one neighbor to4 
leaves the version number in auto-negotiate for the other neighbors: ‘ 


Router A | 
router bgp 1 
neighbor 10.1.1.2 remote-as 2 


neighbor 10.2.1.2 remote-as 3 
neighbor 19.3.1.2 remote-as 4 


Verification 
Verify the version number by using the show ip bgp neighbors command: 


rtrA#show ip bgp neighbors 
BGP neighbor is 10.1.1.2, remote AS 2, external link 
Index 1, Offset @, Mask @x2 


BGP state = Established, table version = 7, up for 00:53:07 


8-35: neighbor {ip-address | peer-group-name} weight default-weight 


(Continued) 
Last read 00:00:08, hold time is 180, keepalive interval is 60 seconds 
Minimum time between advertisement runs is 30 seconds 
Received 375 messages, ® notifications, ® in queue 
Sent 343 messages, @ notifications, 6 in queue 
Prefix advertised @, suppressed 0, withdrawn @ 

Connections established 20; dropped 19 

Last reset 00:53:28, due to User reset 

6 accepted prefixes consume 192 bytes, maximum limit 8 
Threshold for warning message 75% 

® history paths consume 0 bytes 

Connection state is ESTAB, I/O status: 1, unread input bytes: @ 

Local host: 10.1.1.1, Local port: 11015 

Foreign host: 10.1.1.2, Foreign port: 179 


Troubleshooting 


Verify that the BGP neighbors are in the Established state using the show ip bgp neighbors 
command. If the neighbor relationship is not in the Established state, check for a version 
number mismatch between neighbors. 


8-35: neighbor {ip-address | peer-group-name} weight 
default-weight 
Syntax Description: 
° — ip-address—Neighbor’s IP address. 
° — peer-group-name—Name of the peer group. See section 8-19. 
© = default-weight—1 to 65535. 


Purpose: The weight attribute has meaning only to the local router. By default, advertisements 
received from BGP neighbors have their weight attribute set to 0. This command sets all routes 
learned from a particular neighbor to the default weight used in the command. 


Cisco IOS Software Release: 10.0. Peer group support was added in Release 11.0. 


3 ps uration Example: Setting the Route Weight for the Local 
“uter 


The following configuration sets the weight of all routes learned from neighbor 10.1.1.2 to 451: 


interface Serial@ 
ip address 10.1.1.1 255.255.255.252 
! 


continues 
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(Continued) 
router bgp 1 
mnt il 10.1. vs a vanes as = 


interface Loopback® 

ip address 172.16.0.1 255.255.255.9 

! 

interface Loopback? 

ip address 172.16.1.1 255.255.255.8 

! 
interface Loopback2 

ip address 172.16.2.1 255.255.255.0 

! 
interface Loopback3 

ip address 172.16.3.1 255.255.255.8 

! 
interface Seriald® 

ip address 10.1.1.2 255.255.255.252 
clockrate 64000 

! 

router bgp 2 

network 172.16.0.0 mask 255.255.255.0® 
network 172.16.1.@ mask 255.255.255.080 
network 172.16.2.0 mask 255.255,.255.68 
network 172.16.3.0 mask 255.255.255.6 
neighbor 10.1.1.1 remote-as 1 


Verification 
Verify the setting of the weight attribute by examining the BGP table on Router \ 

rtrA#show ip bgp - 

BGP table version is 6, local router ID is 172.17,1.1 


Status codes: s suppressed, d damped, h history, * valid, > best, i - 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
*> 172,16,0.0/24 10.1.1.2 ® 451 21 
*> 172.16.1.0/24 10.1.1.2 @ 451 2i 
*> 172.16.2.0/24 10.1.1.2 4) 451 2i 
*> 172.16.3.0/24 10.1.1.2 ® 451 2i 


Troubleshooting 


1 Verify that the BGP neighbors are in the Established state using the show ip 
neighbors command. If the neighbor relationship is not in the Established 5% 
section 8-23. 


2 If the neighbors are in the Established state, the only error would be an ii inc 
address in the configuration statement neighbor ip-address weight defaut 


CHAPTER Q 


Route Advertisement 


9-1: network jp-address 


2: network jp-address mask network-mask 
E Syntax Description: 
3 * ip-address—Network to advertise to BGP peers. 
* network-mask—Optional parameter used to advertise nonclassful network prefixes. 
Defaults: None 


Limitations: Up to 200 instances of the network command may be used in the 
configuration. For Cisco TOS Software Release 12.0 and later, this restriction has been 
removed. 


aces the protocc will be active The BGP een command is 
used to determine which interfaces will ran BGP. The BGP network command is used to 
determine the networks that will be advertised to BGP neighbors. In order for a network to 
be advertised by BGP, it must be known to the originating router. Routes learned via EBGP 
are automatically advertised to other EBGP neighbors. A known network is one that is 
directly connected, static, or learned through a dynamic routing protocol. The first form of 
the network command requires a classful IP address. A classful address is either Class A 
with an 8-bit subnet mask, Class B with a 16-bit subnet mask, or Class C with a 24-bit 
subnet mask. The second form can be used with either a classful or classless prefix. 


Cisco IOS Software Release: 10.0 


Nnfiguration Example 1: Directly Connected Networks 


Figure 9-1 illustrates a basic scenario for the use of the network command. Router A has 
two directly connected networks that are advertised to router B via BGP. 
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Figure 9-1 


Verification 


Basic Use of the network Command 


172.16.1.0/24 


192.16.1.0/24 


Router A 
interface loopback @ 

ip address 172.16.1.1 255.255.255.0 

! 

interface loopback 1 

ip address 192.16.1.1 255.255.255.090 

! 

router bgp 1 
neighbor 10.1.1.2 remote-as 2 
network 172.16.1.0 mask 255.255.255.6 
network 192.16.1.0 
Router & 
router bgp 2 
neighbor 1@.1.1.1 remote-as 1 


Notice that the mask option was used with network 172.16.1.0. The classful: 
network is 172.16.0.0. Because we want to advertise a subnet of 172.16.0.0,1 
option is required. 


Before using the network command, verify that the networks are in the IP ‘outi 
using the show ip route command: 


rtrA#show ip route 
Codes: C - connected, S - static, I - IGAP, R - RIP, M - mobile, B - BGP 
D - EIGRP, EX - EIGRP external, 0 - OSPF, IA - OSPF inter area 
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP 
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidat be 
U - per-user static route, o - ODR, P - periodic downloaded statis 
T - traffic engineered route 


Gateway of last resort is not set 
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(Continued) 
172.16.0.0/24 is subnetted, 1 subnets 


10,0,@.0/30 is subnetted, 1 subnets 
C 10.1.1.0 is directly connected, Seriald 


The networks to be advertised are in the IP routing table. The next step is to add the 
network commands to the BGP router configuration and to verify that the networks are in 
the BGP routing table using the show ip bgp command: 


rtrA#show ip bgp 
BGP table version is 538, local router ID is 19.1.1.1 


Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Metric LocPrf Weight Path 
*> 192.16.1.0 0.0, 9 32768 i 
*> 172.16.1.8 -8.8. @ 32768 i 


Sonfiguration Example 2: Aggregation Using Static Routes 


A static route can be used to allow BGP to advertise any network prefix. Configuring a 
static route installs the static network in the local IP routing table. Any route in the IP 
routing table can be advertised by BGP using the network command. Of course, the router 
should advertise only networks that it can actually reach, The main use of static routes with 
BGP is to allow the advertisement of an aggregate address. Figure 9-2 shows an ISP that 
owns the range of Class C addresses from 192.16.0.x through 192.16.255,x. The network 
command could be used 256 times—once for each Class C prefix—or we could use a static 
route to create an aggregate prefix. 


re 9-2 Using a Static Route and the network Command to Advertise an Aggregate Prefix 
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Verification 


Router A 
router bgp 1 ° 
neighbor 10.1.1.2 remote-as 2 


router bgp 2 
neighbor 10.1.1.1 remote-as 1 


network 192.16.0.0 mask 255.255.0.8 
i] 


ip route 192.16.0.0 255.255.0.0 null 6 


The optional mask parameter is needed because 192.16.0.0/16 is a supernet of t re ( 
address 192.16.0.0/24. The static route has the next hop as the interface null 0. 
has more specific routes to networks contained in the range 192.16.0.x to 192. 


A specific match is not found, because the network is down. Router B tries te 
shorter match. It finds 192.16.x.x and instructs Router B to send the packet to 
simply discard the packet. Prefixes can also be aggregated using the aggregate. 
command, covered in Chapter 1, “Route Aggregation.” 


mm 5 


that the route is in the IP routing table and the BGP 


AP 5 | > POT 


table: 


rtrB#show ip route = 
Codes: C - connected, $ - static, I - IGRP, R - RIP, M - mobile, B - BGP 
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
Ni - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP : 
i - IS-IS, Li - IS-IS level-1, L2 - IS-IS level-2, * - candidate ¢ 
U - per-user static route, o - ODR, P - periodic downloaded stat 
T - traffic engineered route 


Gateway of last resort is not set 


10.0.0,.0/30 is subnetted, 2 subnets 
C 10.1.1.0 is directly connected, Seriald® 


rtrB#show ip bgp 
BGP table version is 44, local router ID is 192.16.1.1 -. 
Status codes: s suppressed, d damped, h history, * valid, > best, i - inter 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
*> 192.16.0.0/16 0.9.0.0 Q 32768 i 
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Troubleshooting 
j Step 1 Verify that the BGP neighbors are in the Established state using the show 
ip bgp neighbors command. 


If the neighbor relationship is not in the Established state, see section 8-23. 


Step 2 Verify that the network you are attempting to advertise is in the IP routing 
table. There must be an exact match between prefix and mask. 


9-3: network /p-address backdoor 


9-4: network /p-address mask network-mask backdoor 
Syntax Description: 


© = ip-address—Network to advertise to BGP peers. 
© — network-mask—Optional parameter used to advertise nonclassful network prefixes. 
Defaults: None 


Limitations: Up to 200 instances of the network command may be used in the 
configuration. For Cisco IOS Software Release 12.0 and later, this restriction has been 
removed. 


Purpose: When a router is running more than one IP routing protocol, the possibility exists 
that a particular route might be learned by two or more protocols. Because different IP 
routing protocols calculate the cost to a route using different metrics, the protocol cost 
cannot be used to select the best path. When a route is known by more than one IP routing 
protocol, Cisco routers use the administrative distance to select the best path, with the 
lowest administrative distance being preferred. EBGP routes have an administrative 
distance of 20, and IGPs have a higher administrative distance: 


* EBGP—20 
* EIGRP—90 
* IGRP—100 
* OSPF—110 
* RIP—120 

* IBGP—200 
EBGP routes are preferred over IGP routes. The 


Cisco IOS Software Release: 10.0 
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Configuration Example: Finding the Best Route Through 
Administrative Distance 
In Figure 9-3, Router A is learning about network 172.17.2.0 via EBGP and EIGR 


Figure 9-3 EBGP Route to 172,17.2.0 Is Preferred Over the EIGRP Route 


Router A 
router eigrp 1 

network 172.17.0.0 

| 

router bgp 1 

neighbor 10.1.1.2 remote-as 3 
Router 6 
router eigrp 1 

network 172.17.8.0 

! 

router bgp 2 

network 172.17.2.@ mask 255.255.255.0 
neighbor 10.1.2.1 remote-as 3 


router bgp 3 
network 10.1.1.0 mask 255.255.255.252 
network 10.1.2.0 mask 255.255.255.252 
neighbor 10.1.1.1 remote-as 1 
neighbor 10.1.2.2 remote-as 2 
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Because EBGP has a lower administrative distance than EIGRP, the EBGP route is installed 
in Router A’s IP routing table. 


rtrA#show ip route 

Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP 
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP 
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default 
U - per-user static route, 0 - ODR, P - periodic downloaded static route 
T - traffic engineered route 


Gateway of last resort is not set 


172.17.0.0/24 is subnetted, 2 subnets 
172.17.1.0 is directly connected, Ethernet@ 


10.0.0.0/30 is subnetted, 2 subnets 
10.1.2.0 [20/0] via 10.1.1.2 
10.1.1. is directly connected, Serial® 


The preferred path from Router A to network 172.17.2.0 is through Router C. The shortest 
path to network 172.17.2.0 is through the direct connection to Router B, A number of 
methods can be used to modify routing table entries so that Router A prefers the direct path 
to network 172.17.2.0. Using the backdoor option is relatively easy, as shown in the 
following modified listing for Router A: 


Router A 
router bgp 1 


remote-as 3 


The backdoor option causes the network learned via EBGP to have an administrative 
distance of 200. The EIGRP route for network 172.17.2.0 has an administrative distance of 
90, causing it to be installed in the IP routing table. 


fetification 
By inspecting the IP routing table on Router A, we can see that the route to 172.17.2.0 
learned via EIGRP has been installed in the IP routing table, replacing the EBGP route: 


rtrAfshow ip route 
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP 

D - EIGRP, EX - EIGAP external, O - OSPF, IA - OSPF inter area 

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 

E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP 

i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default 
U - per-user static route, o - ODR, P - periodic downloaded static route 
T - traffic engineered route 


continues 
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(Continued) 
Gateway of last resort is not set 


7 
172.17.0.0/24 is subnetted, 2 subnets 
Cc 2.17.1.0 is directly connected, Ethernetd 


1@.1.2.0 [20/0] via 10.1.1.2 
10.1.1.0 is directly connected, Seriald 


9 “9 
Troubleshooting 
Step 1 Verify that the BGP neighbors are in the Established state using the show 
ip bgp neighbors command, 
If the neighbor relationship is not in the Established state, see section 8-23. 
Step 2. Before using the backdoor option, use the show ip bgp command to | 


ensure that the route you intend to modify is in the BGP table. For 
example, on Router A, verify a BGP entry for network 172.17.2.0: 


rtrA#show ip bgp 
BGP table version is 43, local router ID is 192.16.1.1 
Status codes: s suppressed, d damped, h history, * valid, > best, i - interr 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
*> 10.1.1.0/30 10.1.1.2 ) O3i 
*> 10.1.2.0/30 10.1.1.2 i) @3i 
“> +17.2.0/2 vlahoe @321 


| fee | 
reise ies TN 


Step 3 If the network is in the BGP table, the backdoor option will work as 
described. 


9-5: network /p-address route-map route-map-name 


9-6: network jp-address mask network-mask route-n 


route-map-name 


Purpose: In theory, these commands allow you to modify a network's BGP attrib 
our experience, they are too buggy and should not be used. See sections 8-25 : 
you need to modify the BGP attributes of received or transmitted network advert 
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-7: network jp-address weight weight 


)-8: network jp-address mask network-mask weight 
eight 


Obsolete: These commands don’t work and are considered obsolete. They will be removed 
from future versions of Cisco IOS Software. They are included here because they exist in 
current Cisco IOS Software Releases, but they do nothing. See sections 8-25 or 8-35 if you 
need to modify the weight of received network advertisements. 


~ 


- 
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Route Redistribution 


10-1: redistribute protocol 
Syntax Description: 


protocol—Routes learned via protocol will be redistributed into BGP. 


Purpose: To redistribute routes into BGP that have been learned via a routing protocol 
other than BGP. The metric of the non-BGP-learned routes is transferred to the metric or 
multi-exit discriminator (MED) of the new BGP route. Routes can be redistributed from 
connected, dymrp, egp, eigrp, igrp, isis. iso-igrp. mobile, odr, ospf, rip, and static. 


Cisco LOS Software Release: 10.0 


TAMA 


Configuration Example: Redistributing Connected, Static, and 


EIGRP Learned Routes into BGP 


In Figure 10-1, Router C is advertising 172.16.2.0/24 and 172.16.3.0/24 to Router B via 
EIGRP. Routers A and B have an EBGP relationship. This example redistributes EIGRP 
and static into BGP on Router B and redistributes connected on Router A. 


gure 10-1 Redistributing Routes into BGP 


172.16.0.0/24 


Py) 172.16.1.0/24 | 


172.17.1.2/24 172.17.1.1/24 
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Router A 

interface loopback ® 

ip address 172.16.0.1 255.255.255.8 

! 

interface loopback 1 

ip address 172.16.1.1 255.255.255.0 

! 

router bgp 1 

network 172.17.1.0 mask 255.255.255.0 
neighbor 172.17.1.1 remote-as 2 
Router B 

router eigrp 1 

network 180.8.0.@ 

network 172.17.0.@ 

no auto-summary 

! 

router bgp 2 

network 18.1.0.@ mask 255.255.255.252 
network 172.17.1.@8 mask 255.255.255.0 
neighbor 172.17.1.2 remote-as 1 

! 
ip route 172.16.4.0 255.255.255.® s2/0 
Router 
interface loopback @ 

ip address 172.16.2.1 255.255.255.0 

! 
interface loopback 1 

ip address 172.16.3.1 255.255.255.8 

! 
router eigrp 1 

network 172.16.0.@ 

network 18.0.0. 

no auto-summary 


Before proceeding with the redistribution of routes into BGP, inspect the IP and: 
routing tables on Routers A and B. Router B should be learning routes 172.16,24 
172.16.3.0/24 from Router C via EIGRP. Because you are not redistributing rout 
Router B, Router A should not be learning about the 172.16.2.0/24 or 172.16.3.028 


rtré#show ip route : 

Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, 8 - & 
D - EIGRP, EX - EIGRP external, 0 - OSPF, IA - OSPF inter area 
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP a 
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-1S 29 
* . candidate default, U - per-user static route, o - OOR 
P - periodic downloaded static route 


DN 


Gateway of last resort is not set 
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(Continued) 
172.17.0.0/24 is subnetted, 1 subnets 

c 172.17.1.@ is directly connected, Ethernetd/0 
172.16.0.0/24 is subnetted, 3 subnets 


s 172.16.4.@ is directly connected, Serial2/0 


10.0,0.0/30 is subnetted, 1 subnets 
C 10.1.1. is directly connected, Serial2/0 


rtrB#show ip bgp 

BGP table version is 3, local router ID is 172.17.1.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 

*> 10.1.1,0/30 0.0.0.0 32768 i 

* 172.17.1.0/24 172.17.1.2 a as 

*> 0.0.0.0 32768 i 

rtrA#show ip route 

Codes: © - connected, S - static, I - IGRP, R ~- AIP, M - mobile, B - BGP 
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 
Ei - OSPF external type 1, E2 - OSPF external type 2, E - EGP 
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area 
* . candidate default, U - per-user static route, o - ODA 
P - periodic downloaded static route 


Gateway of last resort is not set 


172.17.0.0/24 is subnetted, 1 subnets 

C 172.17.1.@ is directly connected, FastEthernetd 
172.16.0.0/24 is subnetted, 2 subnets 

c 172.16,.0,.0 is directly connected, Loopback® 

Cc 172.16.1.0 is directly connected, Loopback1 
10.0,.0,.0/30 is subnetted, 1 subnets 

B 10.1.1.0 [20/0] via 172.17.1.1, 00:25:38 


rtrA#show ip bgp 

BGP table version is 4, local router ID is 172.16.1,1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
*> 10.1.1.0/30 VW2.th Viet @2i 
*> 172.17.1.0/24 0.0.0.8 32768 i 
4 V7204F At @2i 


Notice that the metric for the EIGRP learned routes on Router B is 1889792. Because the form 
of the redistribute command that you will use does not contain a metric, the router uses the 
EIGRP metric for the BGP MED for the redistributed EIGRP routes. Now modify the BGP 
configuration on Router B to enable the redistribution of the EIGRP and static routes into BGP. 
Also modify the configuration on Router A to enable the redistribution of connected routes: 
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Router A 
router bgp 1 
network 172.17.1.0 mask 255.255.255.0 


router sup 1 
network 10.1.@.0 mask 255.255.255.0 
network 172.17.1.@ mask 255.255,255.0 


neighbor 172.17.1.2 remote-as 2 


Verify that the connected routes are being redistributed in BGP on Router A and tht 
static and EIGRP routes are being redistributed on Router B: 


rtrA#show ip bgp 
BGP table version is 8, local router ID is 172.17.1.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - in 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
*> 10.0.0.9 0.8.0.8 v) 32768 7 
10.1.1.0/30 ®.8.0.0 @ 32768 i 


172.17.0.0 172.17.1.2 
*> 172.17.1.0/24 0.0.0.0 0 
172.17.142 


P Ogp 
BGP table version is 19, local router ID is 172,16,1.1 


Status codes: s suppressed, d damped, h history, * valid, > best, i - in 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
*> 10.0.0.0 17217404 () 02? 
10.1.1.0/30 Vea tabed @2i 


172.17.0. 0.0.0.0 32768 ? 
* 472.17.1.0/24  172.17-4-1 2 @2i 
0.0.0.0 32768 i 


By default, BGP summarizes redistributed routes on a classful boundary (see 
“Auto-Summary”). Routers A and B now indicate that they can reach the ent 
address block 172.16.x.x. Typically, this is not the behavior you want. When 
routes into BGP, it is a good idea to turn off auto-summarization. Modify i 
configuration on Routers A and B to do this. Notice that Router A also sume 
10,0.0.0 and 172.17.0.0 networks because they are also directly connected. 
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Router A 

router bgp 1 

network 172.17.1.@ mask 255.255.255.@ 
redistribute connected 5 

neighbor 172.17.1.1 remote-as 2 


Router 6 

router bgp 1 

network 10.1.0.@ mask 255.255.255.252 
network 172.17.1.@ mask 255,255,255. 
redistribute static 10 

redistribute eigrp 15 

neighbor 172,.17,1.2 remote-as 2 


Reinspect the BGP tables on Routers A and B: 


rtrA#show ip bgp 

BGP table version is 8, local router ID is 172.16.1.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e ~ EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
“> 10.1.1.0/38 172,17.14.1 @ Q@2i 


* 172.17.1.0/24 i Wy 2 87 A | @2i 
@.0.9.0 32768 i 
14 , 
BGP table version is 19, local router ID is 172.17.1.1 
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, 7? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
“> 10.1.4.0/30 @,0.0.0 ) 32768 i 


* 172.17.1.0/24 172.17.1.2 ® @1ia 
*> 0.0.0.0 i) 32768 1 


The metric or MED value for the redistributed EIGRP routes is equal to the EIGRP metric for 
those routes, The metric or MED value for the redistributed connected and static routes is 0. 
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Troubleshooting 


Step 1 Verify that the BGP neighbors are in the Established state using the shoy 
ip bgp neighbors command, . 


If the neighbor relationship is not in the Established state, see section 8-23 


Step 2 Verify that the protocol you are redistributing routes from is active on the 
router. : 


Step 3 When redistributing from a protocol that requires a process ID, verify 
that you are using the proper process ID in the redistribute command. 


s 


Step 4 Use the no auto-summary command under router BGP when 
redistributing routes into BGP. 


10-2: redistribute protoco/ metric metric 
Syntax Description: 


* — protocol—Routes learned via protocol will be redistributed into BGP. 


* ~~ metric—Metric to assign to the redistributed routes. The value is in the rang 
4294967295. . 
Purpose: To redistribute routes into BGP that have been learned via a routi 
other than BGP. The metric value is assigned to the metric or multi-exit di 
(MED) of the new BGP route. Routes can be redistributed from connected, dyn 
eigrp, igrp, isis, iso-igrp, mobile, odr, ospf, rip, and static. 


Cisco IOS Software Release: 10.0 


Configuration Example: Redistributing Connected, Static, al 
EIGRP Learned Routes into BGP 


In Figure 10-2, Router C is advertising 172.16.2.0/24 and 172.16.3.0/24 to Row 
EIGRP. Routers A and B have an EBGP relationship. This example redist 
and static into BGP on Router B and redistributes connected on Router A. ; 
are assigned a metric of 10, the EIGRP routes a metric of 15, and the con nents 
metric of 5, 
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gqure 10-2 Redistributing Routes into BGP 


Redistribute with Redistribute on B with a 
a metric of 5 Redistribute static routes metric of 15 
with a metric of 10 


172.17.1.2/24 


Router A 
interface loopback ® 

ip address 172.16.0.1 255.255.255.0 

I 
interface loopback 1 

ip address 172.16.1.1 255.255.255.0 

! 

router bgp 1 

network 172.17.1.0 mask 255.255.255.0 
neighbor 172.17.1.1 remote-as 2 


router eigrp 1 

network 18.0.0.8 

network 172.17.0.0 

no auto-summary 

| 

router bgp 2 

network 10.1.0.0 mask 255.255.255.252 
network 172.17.1.@ mask 255,.255.255.@ 
neighbor 172.17.1.2 remote-as 1 

! 

ip route 172.16.4.0 255.255.255.8 s2/0 
Router 

interface loopback @ 

ip address 172.16.2.1 255.255.255.0 

! 

interface loopback 1 

ip address 172.16.3.1 255.255.255.090 

! 

router eigrp 1 

network 172.16.9.6 

network 10.0.0.0 

no auto-summary 


Before proceeding with the redistribution of routes into BGP, inspect the IP and BGP 
routing tables on Routers A and B. Router B should be learning routes 172.16.2.0/24 and 
172.16.3.0/24 from Router C via EIGRP. Because you are not redistributing routes on 
Router B, Router A should not be learning about the 172.16.2.0/24 or 172.16.3.0/24 routes. 
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Codes: 


c 


c 


Gateway of last resort is not set 
172.17.@.0/24 is subnetted, 1 subnets 


172.16.0.0/24 is subnetted, 2 subnets 


C 


10.9.0.0/30 is subnetted, 1 subnets 


B 


rtrA#show ip bgp 
BGP table version is 4, local router ID is 172.16.1.1 


rtrBsshow ip route 


Gateway of last resort is not set 
172.17.0.0/24 is subnetted, 1 subnets 


172.16.0.0/24 is subnetted, 3 subnets 


10.0.0.0/30 is subnetted, 


rtr8#show ip bgp 
BGP table version is 3, local router ID is 172.17.1.1 ] 
Status codes: s suppressed, d damped, h history, * valid, > best, i - inter 
Origin codes: i - 


Network Next Hop Metric LocPrf Weight Path 
*> 10.1.1.0/30 0.0.0.0 i) 32768 i 
* 472.17.1.0/24 172.17.1-2 6 @1i 
*> @.0.0.0 32768 i 


rtrAfshow 
Codes: 


C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - gop 
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP 
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS gpee 
* - candidate default, U - per-user static route, o - ODR’ 
P - periodic downloaded static route 


172.17.1.@ is directly connected, Ethernete/a 


172.16.4.@ is directly connected, Serial2/® 


1 subnets 
10.1.1.@ is directly connected, Serial2/0 


IGP, e - EGP, ? - incomplete 


p route 
© - connected, S - static, I - IGRP, RA - AIP, M - mobile, B ~ BG? 
D - EIGRP, EX - EIGRP external, 0 - OSPF, IA - OSPF inter area 
Ni - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP j 
i - I8-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inte 
* . candidate default, U - per-user static route, o - ODR 
P - periodic downloaded static route 


172.17.1.@ is directly connected, FastEthernet® 


172.16.@.0 is directly connected, Loopback® 
172.16.1.0 is directly connected, Loopback1 


10.1.1.@ [20/0] via 172.17.1.1, 00:25:38 


nti 
Ln ‘ 


Status codes: s suppressed, d damped, h history, * valid, > best, 1 - 2% 


Origin codes: i - IGP, 6 - EGP, ? - incomplete 


10-2: redistribute protocol metric metric 261 


(Continued) 


Network Next Hop Metric LocPrf Weight Path 
*> 10.1.1.0/30 172.17.1.1 2 @2i 
*> 172.17.1.8/24 9.0.9.9 @ 32768 i 
* 172.17.1.1 Q @2i 


Notice that the metric for the EIGRP learned routes on Router B is 1889792. The form of 
the redistribute command that you will use does not use the metric of the route that is being 
redistributed but assigns one statically. Now modify the BGP configuration on Router B 
to enable the redistribution of the EIGRP and static routes into BGP. Also modify the 
configuration on Router A to enable the redistribution of connected routes, 


Router A 
router bgp 1 
network 172.17.1.0 mask 255.255.255.0 


neighbor 172.17.1.1 remote-as 2 


Aouter & 
router bgp 1 

network 10.1.0.0 mask 255.255.255.0 
network 172.17.1.0 mask 255.255.255.90 


neighbor 172.17.1.2 remote-as 2 


ication 


Verify that the connected routes are being redistributed in BGP on Router A and that the 
static and EIGRP routes are being redistributed on Router B. 


rtrA#show ip bgp 
BGP table version is 15, local router ID is 172.16.1.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
"> 10.0.0.0 172.17.4.1 7) 02? 
*> 10.1.1.0/30 172.17.1.1 @2i 


*> 172.17.0.0 2.9.0.0 32768 7 
* 172.17.1.0/24 172.17.1.14 @ @2i 
@.8.0.0 32768 i 


‘show ip bgp 
BGP table version is 8, local router ID is 172.17.1.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


continues 


262 Chapter 10: Route Redistribution 


(Continued) 

Network Next Hop Metric LocPrf Weight Path 
*> 10.0.9. 2.0.0.9 i) 32768 ? 
=> 10.1.1.0/30 @.9.0.0 32768 i 


*> 172.17.8.08 VI2ATF S12 017 
*> 172.17,1.0/24 %.0.0.0 1] 32768 i 
> 172.17,1,.2 5 @1i 


Why is the mask for the 172.16.x.x routes /16 (the entire Class B address 172.16 
default, BGP summarizes redistributed routes on a classful boundary (see ( 
Routers A and B now indicate that they can reach the entire Class B address blk 
172.16.x.x. Typically, this is not the behavior you want. When redistributing ro 
BGP, it is a good idea to turn off auto-summarization. Modify the BGP configurg 
Routers A and B to do this. Notice that Router A also summarizes the 10.0.0.0.a 
172.17.0.0 networks because they are also directly connected. 


Router A 
router bgp 1 

network 172.17.1.0 mask 255.255.255.0 
redistribute connected 5 
neighbor 172.17.1.1 remote-as 2 


router bgp 1 
network 10.1.0.0 mask 255.255.255.252 
network 172.17.1.0 mask 255.255.255.0 
redistribute static 10 
redistribute eigrp 1 15 
neighbor 172.17.1.2 remote-as 2 


Reinspect the BGP tables on Routers A and B: 


rtrA#show ip bgp 

BGP table version is 9, local router ID is 172.16.1.1 
Status codes: s suppressed, d damped, h history, * valid, 
Origin codes: i - IGP, e - EGP, ? - incomplete 


> best, i - int 


Network Next Hop Metric LocPrf Weight Path 
“> 10.1.1.0/30 172.47.1.1 1) @2i 
*> 172.16.0.0/24 0.0.0.8 5 32768 7 
"> 172.16.1.0/24 0.0.0.9 5 32768 7? 
*> 172.16.2.0/24 172.17.1.1 15 @2? 
*> 172.16,3,.0/24 Weattevet 15 Q@2? 
*> 172.16.4.0/24 172.17.1.1 10 @2? 
*> 172.17.1.0/24 0.8.0.0 5 32768 i 
* V72A7 44 Q @2i 
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(Continued) 


rtrB#show ip bgp 

BGP table version is 20, local router ID is 172.17.1.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Metric LocPrf Weight Path 
10.1.1,0/38 0.0, 1) 32768 i 


172.16.0.0/24 a Waiek\s 1] 
172.16.1.0/24 Me Avia Q 
172.16.2.0/24 Ale bei PS 32768 
172.16.3.0/24 A Pair 32768 
172.16.4.0/24 -0.0. 32768 
172.17.1.0/24 6 F Ga @ 

32766 


ihe) 


i 
r- 


ubleshooting 
Step 1 Verify that the BGP neighbors are in the Established state using the show 
ip bgp neighbors command. 


If the neighbor relationship is not in the Established state. see section 8-23. 


Step 2 Verify that the protocol you are redistributing routes from is active on the 
router. 


Step 3. When redistributing from a protocol that requires a process ID, verify 
that you are using the proper process ID in the redistribute command. 


Step 4 Use the no auto-summary command under router BGP when 
redistributing routes into BGP. 


10-3: redistribute protoco/ route-map route-map-name 


0-4: redistribute protoco/ route-map route-map-name 
etric metric 
Syntax Description: 


* — protocol—Routes learned via protocol will be redistributed into BGP. 


* — route-map-name—Name of the route map used to control which routes will be 


redistributed into BGP. The route map can also be used to modify the BGP attributes 
of the redistributed routes. 


® — metric—Metric to assign to the redistributed routes. The value is in the range of 0 to 
4294967295. 
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Purpose: To redistribute routes into BGP that have been learned via a routing p 
other than BGP. The metric of the non-BGP-learned routes is transferred to tho a 
multi-exit discriminator (MED) of the new BGP route if the metric option is n¢ o 
the metric option is used, the assigned metric will be applied to all routes redis rib 1 
the protocol. A route map can be used for each redistributed protocol to contr e 
routes are redistributed. A route map can also be used to modify the BGP acre buté 
redistributed routes. Routes can be redistributed from connected, dvmrp, egp. é 
isis, iso-igrp, mobile, odr, ospf, rip. and static. 


Cisco IOS Software Release: 10.0 


Configuration Example: Selectively Redistributing Connected, 
Static, and EIGRP Learned Routes into BGP 


In Figure 10-3, Router C is advertising 172.16.2.0/24 and 172.16.3.0/24 to Route 
EIGRP. Routers A and B have an EBGP relationship. This example redistribu 
and static into BGP on Router B and redistributes connected on Router A. On R 
want to block the redistribution of the EIGRP route 172.16.2.0. On Router A, 
allow only the redistribution of network 172.16.1.0/24. Another route map is 
Router B to set the weight of the redistributed static route to 88. 


Figure 10-3 Selectively Redistributing Routes into BGP 


Allow to be redistributed 
AS1 


Router A 
interface loopback @ 
ip address 172.16.@.1 255.255.255.0 
t 
interface loopback 1 
ip address 172.16.1.1 255.255.255.0 
{ 
router bgp 1 
network 172.17.1.0 mask 255.255.255.0 
neighbor 172.17.1.1 remote-as 2 
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(Continued) 
Houter B 
router eigrp 1 

network 10.8.0. 

network 172.17.0.8 

no auto-summary 

t 
router bgp 2 

network 10.1.0.0 mask 255.255.255.252 
network 172.17.1.0 mask 255.255.255.0 
neighbor 172.17.1.2 remote-as 1 

! 
ip route 172.16.4.8 255.255.255.8 s2/® 
Router 
interface loopback 0 

ip address 172.16.2.1 255.255.255.0 

' 
interface loopback 1 

ip address 172.16.3.1 255.255.255.0 

! 
router eigrp 1 

network 172.16.@.0 
network 18.0.0. 
no auto-summary 


Before proceeding with the redistribution and filtering of routes into BGP, inspect the IP and 
BGP routing tables on Routers A and B. Router B should be learning routes 172.16.2.0/24 
and 172.16.3.0/24 from Router C via EIGRP. Because you are not redistributing routes on 
Router B, Router A should not be learning about the 172.16.2,0/24 or 172.16.3.0/24 routes. 


rtrBeshow ip route 
Codes: C - connected, S$ - static, I - IGRP, R - RIP, M - mobile, B - BGP 
D - EIGRP, EX - EIGRP external, 0 - OSPF, IA - OSPF inter area 
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP 
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area 
- candidate default, U - per-user static route, o - ODR 
- periodic downloaded static route 


Gateway of last resort is not set 


172.17.0.0/24 is subnetted, 1 subnets 

172.17.1.@ is directly connected, Ethernetd/0 
172.16.0.0/24 is subnetted, 3 subnets 

172.16.4.@ is directly connected, Serial2/0 


10.0.0.0/30 is subnetted, 1 subnets 
19.1.1.@ is directly connected, Serial2/0 


continues 


266 Chapter 10: Route Redistribution 


(Continued) 

rtrB#show ip bgp 

BGP table version is 3, local router ID is 172.17.1.1 
Status codes: s suppressed, d damped, h history, * valid, > best, i - interns 
Origin codes: i - IGP, e - EGP, ? - incomplete ¥ 


° 


Network Next Hop Metric LocPrf Weight Path 
*> 10.1.1.0/30 ®.0.8.0 Q 32768 i 
Nes Abie tv Gres VW217..1.2 e @ii 
*> @.0.0.0 ) 32768 i 


Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP 

0 - EIGRP, EX - EIGAP external, O - OSPF, IA - OSPF inter area 
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP 

i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter a 
* - candidate default, U - per-user static route, o - ODR 
P - periodic downloaded static route 


Gateway of last resort is not set 


172.17.@.0/24 is subnetted, 1 subnets 


C 172.17.1.0 is directly connected, FastEthernet0 
172.16.0.0/24 is subnetted, 2 subnets 

c 172.16.0.0 is directly connected, Loopback@ 

Cc 172.16.1.@ is directly connected, Loopback1 
10.0.0.0/3@ is subnetted, 1 subnets 

B 10.1.1.@ [20/0] via 172.17.1.1, 00:25:38 


rtrA#show ip bgp 
BGP table version is 4, local router ID is 172.16.1.1 s 
Status codes: s suppressed, d damped, h history, * valid, > best, i - interna, 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
*> 10.1.1.0/30 172.17.1.1 7] @2i 
*> 172.17.1.0/24 0.9.0.0 i) 32768 i 

" VIZ AT Theait @ ®2i 


Notice that the metric for the EIGRP learned routes on Router B is 1889792. Be 
form of the redistribute command that you will use does not contain a metric, 
will use the EIGRP metric for the BGP MED for the redistributed EIGRP rout 
modify the BGP configuration on Router B to enable the redistribution of the El 
and static routes into BGP. Also modify the configuration on Router A to ena 
redistribution of connected routes. On Router A, allow only the connected ne 
172.16.1.0/24 to be redistributed, On Router B, block the 172.16.2.0/24 route Ifo! 
being redistributed, and set the weight of the redistributed static route to 88. 
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Router A 
router bgp 1 
network 172.17.1.@ mask 255.255.255.08 


neighbor 172.17.1.1 remote-as 2 


router bgp 1 
network 10.1.0.@ mask 255.255.255.0 
network 172.17.1.@ mask 255.255.255.0 


is 
access-list 1 deny 172.16.2.0 8.0.0.255 
access-list 1 permit any 
route-map block permit 10 
match ip add 1 
route-map setwt permit 16 
set weight 88 


Verify that the selected connected routes are being redistributed in BGP on Router A and 
that the static and selected EIGRP routes are being redistributed on Router B. Also verify 
that the weight of the static route is being set to 88: 


rtrA#show ip bgp 

BGP table version is 14, local router ID is 172.16.1.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
*> 10.1.1.0/30 bY (ee 3 Ge oe , @ @2i 


172.17.1.0/24 172.17.1.1 
= @.0.0.0 


rtrBeshow ip bgp 

BGP table version is 6, local router ID is 172.17.1.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, 7? - incomplete 


continues 
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(Continued) 
Network Next Hop Metric LocPrf Weight Path 
*> 10,1.1.0/30 0.0.0.0 @ 32768 i 
*> 172.16.1.0/24  172.17.1.2 r) @1? 
*> 472.16.3.0/24 10.1.1.2 1889792 32768 ? 
*> 172,16.4.0/24 0.0.0.0 @ 8B ? 
* 472.17.1.0/24  172.17.1.2 ® @1i 
“> 0.0.0.0 Q 32768 i 
Troubleshooting 
Step 1 Verify that the BGP neighbors are in the Established state using the show. 
ip bgp neighbors command. 


If the neighbor relationship is not in the Established state, see section 8-23, 
Step 2 Verify that the protocol you are redistributing routes from is active on the 


router. a 


Step 3 When redistributing from a protocol that requires a process ID, verify 
that you are using the proper process ID in the redistribute command. 


Step 4 Use the no auto-summary command under router BGP when 
redistributing routes into BGP. 


Step 5 Verify the syntax of any route maps and access lists. Remember that an 
IP access list has an implicit deny all as the last statement. 


10-5: redistribute protoco/ weight weight 
Syntax Description: 
® — protocol—Routes learned via protocol will be redistributed into BGP. 


© weight—Weight assigned to the redistributed routes. The value is in the ram, 
to 65535. 
Obsolete: This command is considered obsolete. It will be removed from future’ 


of the IOS. This command is included here because it exists in current IOS version 
route-map (see section 10-4) if you need to set the weight of redistributed routes: 


CHAPTER 


17 


Address Summarization 


41-1: summary-address 
Purpose: The summary-address command works only with OSPF and IS-IS. Even though 
this command appears as a BGP router configuration option, do not use this command when 


configuring BGP. Use the aggregate-address commands described in Chapter |, “Route 
Aggregation.” 


CHAPTER 


12 


Synchronization 


2-1: synchronization 
Syntax Description: 
This command has no arguments. 


Purpose: [BGP learned routes are not installed in the IP routing table if the route has not 
been learned by an IGP or if the advertised next hop is inaccessible. This is called 
synchronization. 


TOS Release: 10.0 


In Figure 12-1, BGP synchronization is enabled by default. Router A is advertising network 
199.172.1,0/24 to Router B via EBGP, and Router B is advertising 199.172.1.0/24 to 
Router C via IBGP. 


Router A 
interface Loopback® 


ip address 199.172.1.1 255.255.255.0 
H 


continues 
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wih 


“Vv 
‘ 


v 


(Continued) 

router bgp 1 

neighbor 172.17.1.1 remote-as 2 
! 

Router 6 

router bgp 2 

neighbor 172.17.1.2 remote-as 1 
Router 

router bgp 2 

neighbor 10.1.1.1 remote-as 2 


Routers A and B have an EBGP connection, so there is no need for the BGP lear 
to be synchronized with an IGP. The 199.172.1.0/24 route will be installed in th 
table on Router B: 


rtrB#show ip route 
p2#show ip route 
Codes: © - connected, S - static, I - IGRP, A - RIP, M - mobile, B - BGP 
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP 
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter 
* . candidate default, U - per-user static route, o - ODR 
P - periodic downloaded static route 


Gateway of last resort is not set 


172.17.0.0/24 is subnetted, 1 subnets 


c 172.17.1.@ is directly connected, EthernetQ/1 
10.0.0.0/30 is subnetted, 1 subnets 


c 10.1.1.8 is directly connected, Serial2/1 


ony 


P. Also, Router C does not have an entry in the 


able for the next hop. P preserves the EBGP next-hop information. 
rtrC#show ip bgp 199.172.1.@ 
BGP routing table entry for 199.172.1.0/24, version 0 
Paths: (1 available, no best path) 
Not advertised to any peer 
1 


rtrC#show ip route De. 
Codes: C - connected, § - static, I - IGRP, R - RIP, M - mobile, B - BGP 
D - EIGRP, EX - EIGAP external, O - OSPF, IA - OSPF inter area 
Ni - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP 
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(Continued) 
i - 18-18, Li - IS-IS level-1, L2 - IS-IS level-2, * - candidate default 


U - per-user static route, o - ODR 


Gateway of last resort is not set 


10.0.0.0/30 is subnetted, 1 subnets 
10.1.1.@ is directly connected, Serial1 


Disable synchronization on router C and determine if the 199.172.1.0 route will be installed 
in the IP routing table. 


Router C 
router bgp 2 


neighbor 10.1.1.1 remote-as 2 


rtrC#show ip route 
Codes: C - connected, S - static, I - IGAP, R - RIP, M - mobile, B - BGP 
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP 
i - IS-IS, Li - IS-IS level-1, L2 - IS-IS level-2, * - candidate default 
U - per-user static route, o - ODR 


Gateway of last resort is not set 


10.0.9.0/30 is subnetted, 1 subnets 
c 10.1.1.@ is directly connected, Seriali 


rtrC#show ip bgp 199.172.1.0 
BGP routing table entry for 199.172.1.0/24, version ® 
Paths: (1 available, no best path) 

1 


Origin IGP, metric @, localpref 100, valid, internal 


ere are three ways to correct this problem: 


The third method involves redistributing the BGP routes into your IGP. Redistribution is not 
recommended due to the possible size of the BGP routing table. Also, when you redistribute 
BGP into an IGP, the BGP attributes such as AS path, metric, weight, and local preference 
are lost, If an autonomous system is being used as a transit AS, it is important to preserve 
the BGP attributes. Modify the configurations on Routers B and C so that the EBGP next 
hop received from Router A is advertised to router C via an IGP: 
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Router B 

router eigrp 1 
network 172.17.8.0 
network 10.0.0. 


router eigrp 1 
network 172.17.0.0 


Verification 
Verify that the BGP route 199.172.1.0/24 has been installed in the IP routing tabl 
Router C: 
rtrc#show ip route 
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP 
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 
—E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP - 
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate def 
WU - per-user static route, o - ODR 


Gateway of last resort is not set 


10,.0.0.0/30 is subnetted, 1 subnets 
Cc 10.41.1.0 is directly connected, Serialt 


Although we have managed to get the 199.172.1.0/24 network in the IP routing 

do not have IP connectivity to this network. Router A does not have a route bac 

C. Router B would need to advertise the 10.0.0.0 network to Router A via EBGP. I'v 

the 199,172.1.0 network from Router C, we will be unsuccessful. Advertise the 10: 

network to Router A. 7 
Router B 


router bgp 2 
network 10.1.1.@ mask 255.255.255.252 


Verify IP connectivity to 199.172.1.0/24 by pinging the loopback on Router A: 
rtrC#ping 199.172.1.1 


Type escape sequence to abort. 

Sending 5, 10@-byte ICMP Echos to 199.172.1.1, timeout is 2 seconds: 
yyy 

Success rate is 100 percent (5/5), round-trip min/avg/max = 28/31/32 ms 


12-1: synchronization 277 


subleshooting 
Step 1 Verify that the BGP neighbors are in the Established state using the show 
ip bgp neighbors command. 
If the neighbor relationship is not in the Established state, see section 8-23. 


Step 2 If synchronization is enabled, routes learned via IBGP will not be 
installed in the IP routing table unless the next hop is accessible and the 
prefixes have been learned via an IGP. 


13 


Syntax Description: 
© keepalive—| to 4294967295 seconds. 
* holdtime—\ to 4294967295 seconds. 


Purpose: To globally set the keepalive and holdtime values for all neighbors. Keepalive and 
holdtime are common among IP routing protocols. The keepalive time indicates how often 
a router sends a keepalive message to a neighbor to inform the neighbor that the router is 
still alive and well. The holdtime is used as a deathwatch. If a keepalive message is not 
received within the holdtime, the neighbor is declared dead, and the session is terminated. 
The default value for the keepalive time is 60 seconds. The holdtime is three times the 
keepalive time, or 180 seconds. Generally, these yalues do not need to be changed. If you 
do change them, it is a good rule to make the holdtime equal to three times whatever 
keepalive value you use. Of course, the holdtime should always be greater than the 
keepalive time. When two BGP speakers establish a connection, the smaller of the 
advertised keepalive and holdtime values will be used. For example, if one neighbor 
advertises a keepalive value of 70 and a holdtime of 210 and the other neighbor advertises 
a keepalive value of 72 and a holdtime of 205, the keepalive value will be 70 and the 
holdtime will be 205. If the timer values are set using the neighbor timers command (see 
section 8-31), these values will override the global values only for that neighbor. 


LOS Release: 10.0 


Yonfiguration Example: BGP Timers 


In this example, we will examine the result of various settings of keepalive and holdtimers. 
Figure 13-1 illustrates the basic setup for these examples. 
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Figure 13-1 Network Setup for BGP Timer Examples 


172.17.1.1/24 172.17.4.2/24 
AS 2 


Router A 
router bgp 1 
neighbor 172.17.1.2 remote-as 2 
Router 6 
router bgp 2 
neighbor 172.17.1.1 remote-as 1 


The default values for the timers can be examined using the show ip bgp neighbors 


rtrA#show ip bgp neighbors 

BGP neighbor is 172.17.1.2, remote AS 2, external link 
BGP version 4, remote router ID 172.17.1.2 
BGP state = Established, up for 20:01:50 


Change the BGP timer values on Router A to 70 and 210: 
Router A 
router bgp 1 


neighbor 172.17.1.2 remote-as 2 j 


Dy 


Clear the connection to force the timer values to take effect, and then inspect the1 


rtrA#show ip bgp neighbors 

BGP neighbor is 172.17.1.2, remote AS 2, external link 
BGP version 4, remote router ID 172.17.1.2 
BGP state = Established, up for 00:00:14 


The timer values did not change. Router B is advertising the defaults of 60 and 18 y 
values are smaller than the values configured on Router A, so the smaller values 28 
Configure Router B with the same timer values as Router A: 


tification 
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Router B 
router bgp 2 
neighbor 172.17.1.1 remote-as 1 


Clear the connection and view the timer values: 


rtrA#show ip bgp neighbors 

BGP neighbor is 172.17.1.2, remote AS 2, external link 
BGP version 4, remote router ID 172.17.1.2 
BGP state = Established, up for @0:01:04 


Finally, configure the timers and Routers A and B using the neighbor timers command, 
using values larger than 70 and 210. 


Router A 
router bgp 1 


neighbor 172.17.1.2 remote-as 2 
Router B 

router bgp 2 

neighbor 172,17.1.1 remote-as 1 


Clear the connection and view the timers: 


rtrA#show ip bgp neighbors 
BGP neighbor is 172.17.1.2, remote AS 2, external link 
BGP version 4, remote router ID 172.17.1.2 

BGP state = Established, up for 00:01:04 


Configured hold time is 240, keepalive interval is 80 seconds 


The timer values used with the neighbor command override the values used with the 
timers bgp command, regardless of their value. 


Use the show ip bgp neighbors command to verify timer values. 
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Troubleshooting 
Step 1 Verify that the BGP neighbors are in the Established state using the show 

ip bgp neighbors command. . 

If the neighbor relationship is not in the Established state, see section 8-23, 

Step 2 The holdtime should be three times the keepalive value. If neighbors 

using different keepalive and holdtime values, the smaller value is 


Step 3 Timer values set using the neighbor command override values set sing 
the timers bgp command, but only for that neighbor. 


CHAPTER 14 


BGP show Commands 


14-1: show ip bgp 


14-2: show ip bgp | begin /ine 
3: show ip bgp | exclude /ine 


14-4: show ip bgp | include /ine 


Syntax Description: 


ALAMALALRATALLALAY 


° — line—Regular expression. See Appendix B, “Regular Expressions.” 
Purpose: To display the contents of the local BGP routing table. 


Cisco IOS Software Release: 10.0 


ample: Display the BGP Routing Table 
The following is some sample output from the show ip bgp command: 


rtrA#show ip bgp 

BGP table version is 9, local router ID is 200.1,4,1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight 
17.1.2 
teat 
«17.1.2 
ma ge (D 


*s 
*> 
*s 


> 


*>1i156. ’ 
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The following list describes the various fields displayed when using the show ip bg 
command: -_ 


List the 199 prefixes in the BGP routing table: 


rtrA#show ip bgp | include 199 
BGP table version is 90, local router ID is 199,172,15,1 


*> 
s> 
"> 
S> 
*> 


BGP table version—Whenever the BGP table is changed, the version numb 
incremented. ee 


local router [ID—The highest IP address assigned to an interface. If loopbhae 
used, the router ID is the highest IP address assigned to a loopback inter 
router ID can be changed using the bgp router-id configuration command (| 
section 3-17). 


Status codes 

=> s—The entry is suppressed (see Chapter 8, section 8-32). 

=> *—The entry is valid. 

= h—Dampening is enabled for the prefix (see sections 3-9 through 3-12) 

=> >—If there are multiple entries for the prefix, this indicates the best 

=> i—The prefix was learned via IBGP. This is the i to the left of the nety 
entry. 

Origin codes 

=> i—Routes installed using the network command. 

= e—Routes learned via EGP. 

= ?—Routes learned via redistribution. ‘ 


Network—Prefix entry in the table. If a mask is not listed, the prefix is using # 
standard mask for the entry’s class. 


Next Hop—Next-hop attribute advertised by the BGP neighbor. A value of € 
indicates that the prefix originated locally (see section 8-17). ; 


Metric—Value of the multi-exit discriminator advertised by the BGP. eighl 
LocPrf—Local preference value. The default is 100. 


“aN 
Weight— Weight assigned to the prefix. Local routes default to 32768. Unies 
the weight of received routes is set to 0. 


Path—aA list of the autonomous system paths leading back to the prefix. 


199,.172.1.9 @.8.0.0 ® 32768 i 
199.172.2.0 6.0.0.0 @ 32768 i 
199.172.2.0/23 0.0.0.0 32768 i 
199.172.3.0 @.9.0.0 a) 32768 i 
199.172.4.0 0.9.0.0 i) 32766 I 
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List everything but the 199 prefixes in the BGP routing table: 


ce2red#show ip bgp | exclude 199 
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 

Origin codes: i - IGP, e - EGP, ? - incomplete 
Next Hop Metric LocPrf Weight Pat 

VZ2N 47. Bieit Q 

172.17.1.1 @ 

A727 @ 

pir EERE fess yo | Q 


f 
2 
2 i 
2 
2 


14-5: show ip bgp prefix 
Syntax Description: 
© — prefix—IP address of the prefix to display. 
Purpose: To display the contents of the local BGP routing table for a specific prefix. 
Cisco LOS Software Release; 10,0 


Example: Display a Specific Prefix from the BGP Routing Table 
The following is some sample output from the show ip bgp prefix command: 


rtrAfshow ip bgp 199.172.1.0 
BGP routing table entry for 199.172.1.0/24, version 6 
Paths: (1 available, best #1) 
Advertised to non peer-group peers: 
172.17.1.1 


Local 
@.8.0.0 from 0.0.0.0 (199.172.15.1) 
Origin IGP, metric ®, localpref 100, weight 32768, valid, sourced, local, 
best, ref 2 


14-6: show ip bgp prefix mask 


14-7: show ip bgp prefix/mask-length 
Syntax Description: 
© — prefix—IP address of the prefix to display. 
* —=mask—Display prefix with a specific network mask. 
© — mask-length—Bit length of the mask. 


Purpose: To display the contents of the local BGP routing table for a specific prefix with a 
specific mask, 


Cisco IOS Software Release: 10.0 
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Example: Display a Specific Prefix from the BGP Routing Table 
the Specified Mask | 


The following is some sample output from the show ip bgp prefix mask command. } 
list the entire contents of the BGP routing table: 7 


rtrA#show ip bgp 

BGP table version is 98, local router ID is 199.172.15,.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - 
Origin codes: i - IGP, e - EGP, 7? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
*> 199.172.1.0 0.0.8.0 6 32768 i 
s> 199.172.2.0 8.0.9.9 @ 32768 i 
*> 199.172.2.0/23 0.0.0.0 32768 i 
s> 199.172.3.0 0.0.9.8 vs) 32768 i 
*> 199.172.4.0 0.0.0.0 v4] 32768 i 
*> 200.1.1.0 172.17.1.1 4) @2i 
*> 200.1.2.0 20 Nievet Q 02:3 
“> 200.1.3.0 W200 a @2i 
*> 200.1.4.0 V72.047%6450 vs) @2i 


Now list entries for the prefix 199.172.2.0 having a mask equal to 24 bits: 


rtrA#show ip bgp 199.172.1.@ 255,255.255.0 
BGP routing table entry for 199.172.1.0/24, version 6 
Paths: (1 available, best #1) 
Advertised to non peer-group peers: 
172.17.1.1 
Local 
@.0.0.0 from 0.0.0.0 (199.172.15.1) ‘ 
Origin IGP, metric @, localpref 100, weight 32768, valid, sourced, 10G 
best, ref 2 


14-8: show ip bgp prefix mask longer-prefixes 


14-9: show ip bgp prefix/mask-length longer-prefixe: 
Syntax Description: 
© = prefix—tIP address of the prefix to display. 
© —mask—Display prefix with a specific network mask. 
* —mask-length—Bit length of the mask. 
Purpose: To display the contents of the local BGP routing table for a specific p ef 
specific mask and any prefixes having a longer mask than the one specified. 
Cisco IOS Software Release: 10.0 
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xample: Display a Specific Prefix from the BGP Routing Table 
ving a Mask Greater Than or Equal to the Mask Specified in the 
mmand 


The following is some sample output from the show ip bgp prefix mask longer-prefixes 
command. First, list the entire BGP routing table: 


rtrA#show ip bgp 

BGP table version is 9@, local router ID is 199.172.15.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
199.172. .0. 32768 i 
199. 32768 


199, 
199. 
199, 
200. 
200. 
200. 
280. 


Sees ehonn = 
NNNNME HHH 


Now list entries for the prefix 199,172.2.0 having a mask greater than or equal to 23 bits: 


rtrA#show ip bgp 199.172.2.@ 255.255.254.@ longer-prefixes 
BGP table version is 90, local router ID is 199.172.15.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 


s> 199.172.2.0 @.9.0.0 9 32768 i 
*> 199.172.2.0/23 2.0.0.0 32768 i 
S> 199.172.3.® 2.0.0.0 vi) $2768 i 


An alternative form is to use the mask length: 


rtrA#show ip bgp 199.172.2.0/23 longer-prefixes 
BGP table version is 9@, local router ID is 199.172,15.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 


s> 199,172.2.0 0.0.0.0 i) 32768 i 
*> 199.172.2.0/23 0.0.2.0 32768 i 
$> 199.172.3.0 2.0.0.0 1) 32768 i 
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14-10: 


14-11: 


14-12: 


14-13: 


14-14: 


14-15: 


14-16: 


14-17: 


14-18: 


14-19: 
line 


14-20: show ip bgp prefix mask longer-prefixes | excl! 


line 


line 


14-21: show ip bgp prefix mask longer-prefixes | incl 


show ip bgp prefix | begin /ine 

show ip bgp prefix | exclude /ine 

show ip bgp prefix | include line 

show ip bgp prefix mask | begin /ine 

show ip bgp prefix mask | exclude /ine 
show ip bgp prefix mask | include /ine 
show ip bgp prefix/mask-length | begin line 


show ip bgp prefix/mask-length | exclude /i o 


show ip bgp prefix/mask-length | include /iné- 


show ip bgp prefix mask longer-prefixes | beg 


14-24; show ip bgp pretix/mask-length longer-prefixes | include line 291 


4-22: show ip bgp prefix/mask-/ength longer-prefixes | 
gin line 


4-23: show ip bgp prefix/mask-length longer-prefixes | 
xclude /ine 


44-24: show ip bgp prefix/mask-length longer-prefixes | 
include /ine 
) Syntax Description: 

° — prefix—IP address of the prefix to display. 

* mask—Display prefix with a specific network mask. 
* — line—Regular expression. See Appendix B. 
° = mask-length—Bit length of the mask. 


Purpose: To display the contents of the local BGP routing table for a specific prefix or a 
specific prefix/mask using output modifiers, 


Cisco LOS Software Release: 10.0 


Example: Display a Specific Prefix from the BGP Routing Table 
Using Output Modifiers 


The following is some sample output from the show ip bgp prefix mask longer-prefixes | 
include line command. First, list the entire BGP routing table: 


rtrA#show ip bgp 

BGP table version is 98, local router ID is 199.172.15.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Metric LocPrf Weight 
® 
\) 


vit. 
12 
.2 
+3 
4. 
a] 
-® 
2 
8 
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Next, list all the entries for the prefix 199.172.2.0: 


rtrA#show ip bgp 199.172.2.6 255.255.254.0 longer-prefixes 
BGP table version is 90, local router ID is 199.172.15.1 , 
Status codes: s suppressed, d damped, h history, * valid, > best, i - intepn 
Origin codes: i - IGP, e - EGP, ? - incomplete “SS 


Network Next Hop Metric LocPrf Weight Path 


s> 199.172.2.0 0.0.0.0 Q 32768 i 
*> 199.172.2.0/23 0.0.0.0 32768 i '§ 
s> 199.172.3.0 @.0.0.0 Q 32768 i 


List only the suppressed entries for the 199.172.2.0 prefixes: 


rtrA#show ip bgp 199.172.2.0 255.255.254.0 longer-prefixes | include 5s 
BGP table version is 90, local router ID is 199.172.15.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - intern 
Origin codes: i - IGP, e - EGP, ? - incomplete @ 
s> 199.172.2.0 0.0.0.0 i) 32768 i 
s> 199.172.3.0 0.9.0.0 @ 32768 I 


rtrA#show ip bgp 199.172.2.@ 255.255.254.@ longer-prefixes | exclude s 


Network Next Hop Metric LocPrf Weight Path 
*> 199.172.2.0/23 0.0.0.0 32768 I 


14-25: show ip bgp cidr-only 
14-26: show ip bgp cidr-only | begin /ine 
14-27: show ip bgp cidr-only | exclude /ine 


14-28: show ip bgp cidr-only | include /ine 
Syntax Description: 
© —line—Regular expression. See Appendix B. 


Purpose: To display the contents of the local BGP routing table for prefixes a™ 
nonnatural mask. A natural mask is 8 bits for a Class A network, 16 bits for CI = 
24 bits for Class C, 


Cisco IOS Software Release: 10.0 


14-32: show ip bgp community community-number(s) | exclude line 293 


example: Display BGP Prefixes Having a Nonnatural Mask 
First, list the entire BGP routing table: 


rtrA#show ip bgp 

BGP table version is 90, local router ID is 199.172.15.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 
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Next, list all the entries having a nonnatural mask: 


rtrA#show ip bgp cidr-only 

BGP table version is 90, local router ID is 199.172.15.1 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
*> 199.172.2.0/23 0.0.0.0 32768 i 


14-29: show ip bgp community community-number(s) 


14-30: show ip bgp community community-number(s) 
€xact-match 


14-31: show ip bgp community community-number(s) | 
begin /ine 


14-32: show ip bgp community community-number(s) | 
€xclude /ine 
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14-33: show ip bgp community community-number(s 
include line 


14-34: show ip bgp community community-number(s, 
begin /ine exact-match 


14-35: show ip bgp community community-number(s) 
exclude /ine exact-match | 


Ze 


14-36: show ip bgp community community-number(s 
include /ine exact-match 
Syntax Description: 


* — community-number(s}—One or more BGP community numbers. Community 
numbers are in the range of 1 to 4294967295. Well-known community keywo 


that may be used are local-as. no-advertise. and no-export (see section 8-28 
© — line—Regular expression. See Appendix B. . 


Purpose: To display the contents of the local BGP routing table for prefixes mate nin 
supplied community number(s). 


Cisco IOS Software Release: 10.3. The local-as keyword was added in Cisco IOS 
Software Release 12.0. 


Example: Display BGP Prefixes Belonging to a Specific Com 


Routes belonging to a specific community can be listed using the show ip bgp co 
command followed by the community value of interest. 


rtrA#show ip bgp community no-export 

BGP table version is 41, local router ID is 10.1.1.2 —. 
Status codes: s suppressed, d damped, h history, * valid, > best, i - intefm 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
*> 172.16.1.0/24 10.4.1.1 @ ® 65530 i 


14-44: show ip bgp community-list community-list-number exact-match | include line 295 
a 


44-37: show ip bgp community-list community-list- 
number 


44-38: show ip bgp community-list community-list- 
number | begin line 


14-39: show ip bgp community-list community-list- 
number | exclude /ine 


14-40: show ip bgp community-list community-list- 
number | include /ine 


14-41: show ip bgp community-list community-list- 
number exact-match 


14-42: show ip bgp community-list community-list- 
number exact-match | begin /ine 


14-43: show ip bgp community-list community-list- 
number exact-match | exclude /ine 


14-44: show ip bgp community-list community-list- 
Number exact-match | include /ine 
Syntax Description: 
© = community-list-number—IP community list number. Valid list numbers are | to 199. 


¢ — line—Regular expression. See Appendix B, “Regular Expressions.” 
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Purpose: To display the contents of the local BGP routing table for prefixes mai chi 
community listed in the community list. a 


Cisco LOS Software Release: 10.3 


Example: Display BGP Prefixes Belonging to a Specific Com r 
Using a Community List 


An IP community list can be used to list routes belonging to a certain community or} 
communities using the following configuration. This example lists only those routes 
community value of no-export. 


ip community-list 1 permit no-export 

rtrA#show ip bgp community 1 

BGP table version is 41, local router ID is 10,1.1.2 
Status codes: s suppressed, d damped, h history, * valid, > best, i - intepn 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
*> 172.16.1.0/24 10.1.1.1 0] @ 65530 I 


14-45: show ip bgp dampened-paths 


14-46: show ip bgp dampened-paths | begin /ine 


14-47: show ip bgp dampened-paths | exclude /inée 


1 4-48: show ip bgp dampened-paths | include /ine 
Syntax Description: 
© = lJine—Regular expression, See Appendix B. ; 
Purpose: To display the contents of the local BGP routing table for dampened prefi 
sections 3-9 through 3-12). 
Cisco LOS Software Release: | 1.0 


Example: Display BGP Dampened Prefixes 
In order to display only those routes that have been dampened, use the show ip PRE 
dampened-paths command. BGP dampening must be enabled before the route 7 
maintain this information in memory. 


14-52: show ip bgp filter-list as-path-access-list | include line 297 


rtrA#show ip bgp dampened-paths 
BGP table version is 7, local router ID is 10,1.1.2 


Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network From Reuse Path 
*d 172.16.2.0/24 10.1.1.1 00:19:30 1 i 


44-49: show ip bgp filter-list as-path-access-list 


14-50: show ip bgp filter-list as-path-access-list | begin 
line 


14-51: show ip bgp filter-list as-path-access-list| exclude 
line 


14-52: show ip bgp filter-list as-path-access-list| include 
line 


Syntax Description: 
® — as-path-access-list—AS path access list number. The range of valid numbers is | to 
199, 
° line—Regular expression. See Appendix B. 


Purpose: To display the contents of the local BGP routing table for prefixes matching the 
specified AS path access list. 


Cisco IOS Software Release: !|0.0 


Example: Displaying BGP Dampened Prefixes to Match Specified 
AS Path Access List 


The AS path attribute of a BGP route can be used to determine the routes that are displayed 
when using the show ip bgp command. For this example, we want to use an access list to 
list only those routes that originated in AS 2. Only routes having the AS value(s) permitted 
in the access list will be displayed. 
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ip as-path access-list 1 permit “2S 


rtrA#show ip bgp filter-list 1 

BGP table version is 90, local router ID is 199.172.15.1 
Status codes: s suppressed, d damped, h history, * valid, > best, i - interpnap 
Origin codes: i - IGP, e€ - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
*> 200.1.1.0 t72.47.1.1 @ @2i 
> 200.1.2.0 172.17.1.1 @ 8 2) 
*> 200.1.3.8 t72St72451 Q @2i 
*> 200.1.4.0 172.17.1.1 0 @2t 


14-53: show ip bgp flap-statistics 
14-54: show ip bgp flap-statistics prefix/mask-length 


14-55: show ip bgp flap-statistics prefix/mask-length 
longer-prefixes 


14-56: show ip bgp flap-statistics prefix/mask-length 
longer-prefixes | begin regular-expression 


14-57: show ip bgp flap-statistics prefix/mask-length 
longer-prefixes | exclude regular-expression 


14-58: show ip bgp flap-statistics prefix/mask-leng A 
longer-prefixes | include regular-expression 


14-59: show ip bgp flap-statistics prefix/mask-length 
begin regular-expression 


14-68: show ip bgp flap-statistics prefix mask | exclude regular-expression 299 


44-60: show ip bgp flap-statistics prefix/mask-length | 
exclude regular-expression 


14-61: show ip bgp flap-statistics prefix/mask-length | 
include regular-expression 


44-62: show ip bgp flap-statistics prefix 


14-63: show ip bgp flap-statistics prefix | begin regular- 
expression 


14-64: show ip bgp flap-statistics prefix | exclude 
regular-expression 


14-65: show ip bgp flap-statistics prefix | include regular- 
expression 


14-66: show ip bgp flap-statistics prefix mask 


14-67: show ip bgp flap-statistics prefix mask | begin 
fegular-expression 


14-68: show ip bgp flap-statistics prefix mask | exclude a 
regular-expression aa 
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14-69: show ip bgp flap-statistics prefix mask | incly 
regular-expression u 


14-70: show ip bgp flap-statistics prefix mask longer 
prefixes 


14-71: show ip bgp flap-statistics prefix mask longe 
prefixes | begin regular-expression 


14-72: show ip bgp flap-statistics prefix mask longer 
prefixes | exclude regular-expression 


14-73: show ip bgp flap-statistics prefix mask lone ar 
prefixes | include regu/ar-expression 


14-74: show ip bgp flap-statistics filter-list /ist-numbe 


14-75: show ip bgp flap-statistics filter-list /ist-nu 1b 
begin regular-expression 


14-76: show ip bgp flap-statistics filter-list /ist-nump 
exclude regular-expression | 


14-77: show ip bgp flap-statistics filter-list /ist-nu 1b 
include regu/ar-expression | 


14-85: show ip bgp flap-statistics | include regular-expression 301 
°° — NN, SED 


44-78: show ip bgp flap-statistics quote-regexp quoted- 
jine 


14-79: show ip bgp flap-statistics quote-regexp quotea- 
 jine | begin regular-expression 


14-80: show ip bgp flap-statistics quote-regexp quoted- 
line | exclude regular-expression 


14-81: show ip bgp flap-statistics quote-regexp quoted- 
line | include regular-expression 


14-82: show ip bgp flap-statistics regexp regular- 
expression 


14-83: show ip bgp flap-statistics | begin regular- 
expression 


14-84: show ip bgp flap-statistics | exclude regular- 
expression 


14-85: show ip bgp flap-statistics | include regular- 
expression 
Syntax Description: 
© — prefix—iP address of the prefix to display. 
© —mask—Display prefix with a specific network mask. 


© = mask-length—Bit length of the mask. 
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line—Regular expression. See Appendix B. ‘ 
° — list-number—Regular expression access list number. The range of values is 1} 
© = quoted-line—Regular expression in quotes. 4 
Purpose: To display flap statistics for routes in the BGP table. 
Cisco IOS Software Release: 11.0 


Example: Display BGP Flap Statistics 


A route flap occurs when a route is withdrawn and then later readvertised. This 
happens when an interface is going from the UP state to the DOWN state repeat 
can view the number of times a route has flapped using the show ip bgp flap-sta 
command. This assumes that BGPP dampening has been enabled on the router. 


rtrA#show ip bgp flap-statistics 

BGP table version is 9, local router ID is 10.1.1.2 
Status codes: s suppressed, d damped, h history, * valid, > best, i - int 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network From Flaps Duration Reuse Path 
*d 172.16.2.0/24 10.1.1.1 3 Q0:02:55 00:28:10 1 


The following list explains some of the fields that appear in the preceding output fros 
show ip bgp flap-statistics command. 
® BGP table version—Whenever the BGP table changes, the version number is 
incremented, 


* — local router ID—The highest IP address assigned to an interface. If loop 
used, the router LD is the highest IP address assigned to a loopback interface. 
router ID can be changed using the bgp router-id configuration command (sees 
3-17). 


* Status codes 
=> s—The entry is suppressed (see Chapter 8 and section 8-32). 
=> *—The entry is valid. 
= d—tThe prefix is dampened. 
=> h—Dampening is enabled for the prefix (see sections 3-9 through 3+! 2), 
=> >—If there are multiple entries for the prefix, this indicates the best rout 
=> i—The prefix was learned via IBGP. This is the i to the left of the network ent 
® Origin codes 
=> i—Routes installed using the network command. 
= e—Routes learned via EGP. 


=> ?—Routes learned via redistribution. 


14-89: show ip bgp inconsistent-as | include line 303 


° = Network—Prefix entry in the table. If a mask is not listed, the prefix is using the 
standard mask for the class of the entry. 


¢  From—Next-hop attribute advertised by the BGP neighbor. A value of 0.0.0.0 
indicates that the prefix was locally originated (see section 8-17). 


*® Flaps—tThe number of times the prefix has flapped. 
*  Duration—Time since the first flap. 
* Reuse—Time until the prefix is undampened. 


* —Path—A list of the autonomous system paths leading back to the prefix. 


14-86: show ip bgp inconsistent-as 
14-87: show ip bgp inconsistent-as | begin /ine 
14-88: show ip bgp inconsistent-as | exclude /ine 


14-89: show ip bgp inconsistent-as | include /ine 
Syntax Description: 
* —line—Regular expression. See Appendix B. 
Purpose: To display routes with inconsistent originating autonomous systems. 


Cisco LOS Software Release: 11.0 


Example: Display BGP Routes Having an Inconsistent Originated AS 


Routes that have the same next-hop address should come from the same AS. When this is 
not the case, inconsistent AS information exists. The inconsistent AS information can be 
displayed using the show ip bgp inconsistent-as command. 

rtrA#show ip bgp inconsistent-as 

BGP table version is 3, local router ID is 172.17.1.1 


Status codes: s suppressed, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
* 199.1.1.0 172.17.1.2 a 612°? 
*> 172.17.1.2 t) 03? 
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14-90: show ip bgp neighbors 

14-91: show ip bgp neighbors | begin /ine 
14-92: show ip bgp neighbors | exclude /ine 
14-93: show ip bgp neighbors | include /ine 


14-94: show ip bgp neighbors ip-address adverti 
routes 


14-95: show ip bgp neighbors ip-address dampenec 
routes 


14-96: show ip bgp neighbors ip-address flap-statis 


14-97: show ip bgp neighbors ip-address paths 


14-98: show ip bgp neighbors jp-address paths /in 


14-99: show ip bgp neighbors jp-adaress received- 
routes 


14-100: show ip bgp neighbors ip-address routes 


14-100: show ip bgp neighbors ip-address routes 305 
Se eee EEE SC, OU! ee OU |” hc ee 


Syntax Description: 
© — ip-address—IP address of the BGP neighbor. 
© — line—Regular expression. See Appendix B. 


Purpose: To display routes with inconsistent originating autonomous systems. Soft 
inbound reconfiguration needs to be enabled before you use the received-routes form of 
this command. 


Cisco IOS Software Release: 10.0. The received-routes keyword was added in Cisco IOS 
Software Release | 1.2. 


| Example: Display Information for a Specific BGP Neighbor 


The state of a BGP neighbor can be examined by using the show ip bgp neighbors 
command. This is usually the first command to use when debugging a BGP connection. 


rtrA#show ip bgp neighbors 172.17.1.2 
BGP neighbor is 172.17.1.2, remote AS 1, external link 
BGP version 4, remote router ID 199.172.15.1 
BGP state = Established, up for iwid 
Last read 00:00:43, hold time is 180, keepalive interval is 60 seconds 
Neighbor capabilities: 
Route refresh: advertised 
Address family IPv4 Unicast: advertised and received 
Received 18174 messages, @ notifications, @ in queue 
Sent 13168 messages, @ notifications, ® in queue 
Route refresh request: received @, sent 0 
Minimum time between advertisement runs is 30 seconds 


For address family: IPv4 Unicast 

BGP table version 14, neighbor version 14 

Index 1, Offset @, Mask @x2 

3 accepted prefixes consume 108 bytes 

Prefix advertised 40, suppressed @, withdrawn @ 


Connections established 18; dropped 9 

Last reset Iwid, due to User reset 
Connection state is ESTAB, 1/0 status: 1, unread input bytes: @ Awe 
Local host: 172.17.1.1, Local port: 11106 ger A lo 
Foreign host: 172.17.1.2, Foreign port: 179 


Enqueued packets for retransmit: ®, input: ® mis-ordered: @ (®@ bytes) 


Event Timers (current time is 0x357A31F8): 


Timer Starts Wakeups Next 
Retrans 11859 ® Oxd 
TimeWait @ v4) @xd 
AckHold 11862 11505 Ox® 
SendwWnd @ ® @x® 
KeepAlive i) @ Qx® 


continues 
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(Continued) 

GiveUp 4) i) @x@ 

PmtuAger 0) V1] Ox 

DeadWait M1] Q @x8 

iss: 2220955579 snduna: 2221180949 sndnxt: 2221180949 sndwnd: 16327 
irs: 1147082461 revnxt: 1147307991 rcvwnd: 16156 delrcvwnd: 8 


SRTT: 300 ms, ATTO: 607 ms, RTV: 3 ms, KATT: @ ms 
minATT: @ ms, maxRTT: 376 ms, ACK hold: 200 ms 
Flags: higher precedence, nagle 


Datagrams (max data segment is 1460 bytes): 
Revd: 23247 (out of order: @), with data: 11862, total data bytes: 225529 
Sent: 23520 (retransmit: @), with data: 11859, total data bytes: 225388 


The following list explains some of the fields that appear in the preceding output fro 
show ip bgp neighbors 172.17.1.2 command. i. 


BGP neighbor—IP address and autonomous system number of the BGP 
If the link is internal, the neighbors are in the same autonomous system. 
is external, the neighbors are in different autonomous systems. 


remote AS—BGP neighbor's autonomous system number. 
external link—Indicates that this peer is an Exterior Border Gateway Protoc 
(EBGP) peer. 

BGP version—BGP version that the neighbors are using. 
remote router ID—The ID of the remote neighbor. The ID is the highest 
assigned to a physical interface or the highest loopback address. 
BGP state—Internal state of this BGP connection. If the state does not reach 
Established state. there is a problem forming the BGP connection. 
up for—Amount of time that the TCP connection has been established, — 
Last read—Time that BGP last read a message from this neighbor. 


hold time—Maximum amount of time that can elapse between me 
peer before the neighbor is declared down. 

keepalive interval—Time period between sending keepalive packets. The ke 
interval is generally three times the hold time. 
Neighbor capabilities—BGP capabilities advertised and received from thi 
neighbor. If you are running code earlier than 12.0, you do not s¢e this fi 
Route refresh—Indicates that the neighbor supports dynamic soft reset U 
refresh capability. If you are running code earlier than 12.0, you do not see 
Address family [Pv4 Unicast—IPv4 unicast-specific properties of this BS 
If you are running code earlier than 12.0, you do not see this field. 


14-100: show ip bgp neighbors ip-address routes 307 


Address family IPv4 Multicast—IPy4 multicast-specific properties of this 
neighbor. If you are running code earlier than 12.0, you do not see this field. 


Received—Number of total BGP messages received from this peer, including 
keepalives. 
notifications—Number of error messages received from this neighbor. 


Sent—Total number of BGP messages that have been sent to this neighbor, 
including keepalives. 


notifications—Number of error messages the router has sent to this neighbor. 


Route refresh request—Number of route refresh requests sent to and received from 
this neighbor. 


advertisement runs—Value of the minimum advertisement interval. 
For address family—Address family to which the following fields refer. 


BGP table version—Every time the BGP table changes, this number is 
incremented. 


neighbor version—Number used by the software to track the prefixes that have 
been sent and those that have to be sent to this neighbor. 


Community attribute—Appears if the neighbor send-community command is 
configured for this neighbor. 


Inbound path policy—Indicates if an inbound policy is configured. 
Outbound path policy—Indicates if an outbound policy is configured. 
mul-in—Name of the inbound route map for the multicast address family. 
mul-out—Name of outbound route map for the multicast address family. 
accepted prefixes—Number of prefixes accepted. 

Prefix advertised—Number of prefixes advertised. 
suppressed—Number of prefixes suppressed. 

withdrawn—Number of prefixes withdrawn. 


Connections established—Number of times the router has established a TCP 
connection and the two peers have agreed to speak BGP with each other. 


dropped—Number of times that a good connection has failed or been taken down. 
Last reset—Elapsed time since this peering session was last reset. 

Connection state—State of the BGP peer. 

unread input bytes—Number of bytes of packets still to be processed. 

Local host, Local port—Peering address of local router, plus port. 

Foreign host, Foreign port—Neighbor’s peering address. 
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* Event Timers Table—Displays the number of starts and wakeups for each tin 
© — iss—Initial send sequence number. 


® — snduna—Last send sequence number the local host sent but has not received 
acknowledgment for. 


¢ = sndwnd—TCP window size of the remote host. 

® irs—tnitial receive sequence number. 

* —revnxt—Last receive sequence number the local host has acknowledged. 
¢ —reywnd—Local host’s TCP window size. 


®  delrecvwnd—Delayed receive window. Data the local host has read from the 
connection but has not yet subtracted from the receive window the host has 
advertised to the remote host. The value in this field gradually increases until 
larger than a full-sized packet, at which point it is applied to the revwad field. 


* SRTT—A calculated smoothed round-trip time-out. 
®* RTTO—Round-trip time-out. 
© RTV—Variance of the round-trip time. 


© KRTT—New round-trip time-out (using the Karn algorithm). This field se 
tracks the round-trip time of packets that have been retransmitted. 


©  minRTT—Smallest recorded round-trip time-out (hard-wire value used for 
calculation). 


©  maxRTT—Largest recorded round-trip time-out. 


© ACK hold—Time the local host will delay an acknowledgment in onder te) 
piggyback data on it. } 


© =Flags—IP precedence of the BGP packets. 
® Datagrams Revd—Number of update packets received from this neigh! por. 
® with data—Number of update packets received with data. 
* total data bytes—Total bytes of data. 

© Sent—Number of update packets sent. 

© with data—Number of update packets with data sent. 

® total data bytes—Total number of data bytes. 


14-101: show ip bgp paths 


14-102: show ip bgp paths /ine 


14-107: show ip bgp paths | include line 309 


44-103: show ip bgp paths /ine 

44-104: show ip bgp paths /ine 

14-105: show ip bgp paths | begin /ine 
14-106: show ip bgp paths | exclude /ine 


14-107: show ip bgp paths | include /ine 


Syntax Description: 


© — ip-address—IP address of the BGP neighbor. 
¢ — line—Regular expression. See Appendix B. 
Purpose: To display all the BGP paths in the database. 


Cisco IOS Software Release: 10.0 


Example: Display BGP Path Information 


The AS paths contained in the BGP database can be displayed using the show ip bgp paths 
command. 


rtrA#show ip bgp paths 
Address Hash Refcount Metric Path 
@x125E94 


@x996F4 
@x125D6C 


The following list explains some of the fields that appear in the preceding output from the 
show ip bgp paths command. 


© Address—Memory address of where the path is stored. 
® —Hash—Hash bucket where the path is stored. 

© Refcount—Number of prefixes using that path. 

© = Metric—Multi-exit discriminator for the path. 


© Path—The autonomous system path and origin code for the prefix. 
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14-108: show ip bgp peer-group 


14-109: show ip bgp peer-group peer-group-name 


14-110: show ip bgp peer-group peer-group-name summ; 
Syntax Description: 
© — peer-group-name—Name of the peer group, 
Purpose: To display information regarding BGP peer groups. 
Cisco LOS Software Release: 11.0 


Example: Display BGP Peer Group Information 
To view the parameters of a BGP peer group, use the show ip bgp peer-group ¢ 


rtrA#show ip bgp peer-group 
BGP neighbor is demo, peer-group leader 
BGP version 4 
Minimum time between advertisement runs is 5 seconds 
Incoming update AS path filter list is 30 
Outgoing update AS path filter list is 40 
Route map for outgoing advertisements is adjust-weight 


14-111: show ip bgp summary 
14-112: show ip bgp summary | begin /ine 
14-113: show ip bgp summary | exclude /ine 


14-114: show ip bgp summary | include /ine 
Syntax Description: 
¢ —line—Regular expression. See Appendix B. 
Purpose: To display the status of BGP connections. 


Cisco IOS Software Release: 10.0. The PfxRcd and Admin fields were added in vers* 


14-114: show ip bgp summary | include line 311 


Example: Display a Summary for All BGP Connections 
Display the entire BGP table: 


rtrA#show ip bgp summary 

BGP router identifier 200.1.4.1, local AS number 2 

BGP table version is 14, main routing table version 14 
7 network entries and 7 paths using 931 bytes of memory 
3 BGP path attribute entries using 156 bytes of memory 
1 BGP AS-PATH entries using 24 bytes of memory 

@ BGP route-map cache entries using ® bytes of memory 


® BGP filter-list cache entries using ® bytes of memory 
BGP activity 193/657 prefixes, 193/186 paths, scan interval 15 secs 


Neighbor V AS MsgRevd MsgSent TblVer InQ OutQ Up/Down State/PfxAcd 


10.1.1.2 2 7584 7590 14 vs) ® 5d®6h @ 
172.17.1.2 1 13359 13353 14 Q ® 1wid 3 


The following list explains some of the fields that appear in the preceding output from the 
show ip bgp summary command. 


* BGP router identifier—ID of the neighbor router. 
© BGP table version—Version number of the internal BGP database. 


* main routing table version—Last version of the BGP database that was injected 
into the main routing table. 


® Neighbor—BGP neighbor's IP address. 

* V—BGP version number that the neighbors are using. 

* AS—Neighbor’s autonomous system number. 

© MsgRevd—Number of BGP messages received from the neighbor. 

© —MsgSent—Number of BGP messages sent to the neighbor. 

©  TblVer—Last version of the BGP database that was sent to that neighbor. 
©  InQ—Number of messages from that neighbor waiting to be processed. 
©  OutQ—Number of messages waiting to be sent to that neighbor. 


©  Up/Down—The length of time that the BGP session has been in the Established 
state, or the current state if it is not Established. 


© = State/PfxRed—Current state of the BGP session/the number of prefixes the router 
has received from a neighbor or peer group. When the maximum number (as set by 
the neighbor maximum-prefix command; see sections 8-13 through 8-16) is 
reached, the string “PfxRcd” appears in the entry, the neighbor is shut down, and the 
connection is Idle. An (Admin) entry with Idle status indicates that the connection 
has been shut down using the neighbor shutdown command (see section 8-29). 


15 


_ BGP clear Commands 
15-1: clear ip bgp * 
| 15-2: clear ip bgp * soft 
| 15-3: clear ip bgp * soft in 


15-4: clear ip bgp * soft out 


15-5: clear ip bgp * soft in out 


f 15-6: clear ip bgp AS-number 


15-7: clear ip bgp AS-number soft 
15-8: clear ip bgp AS-number soft in 
15-9: clear ip bgp AS-number soft out 


15-10: clear ip bgp AS-number soft in out 
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15-11: 


15-12: 


15-13: 


15-14: 


15-15: 


15-16: 


15-17: 


15-18: 


15-19: 


15-20: 
out 


clear ip bgp neighbor-ip-address 

clear ip bgp neighbor-ip-address soft 

clear ip bgp neighbor-ip-address soft in 
clear ip bgp neighbor-ip-address soft out 
clear ip bgp neighbor-ip-address soft in out 
clear ip bgp peer-group peer-group-name 
clear ip bgp peer-group peer-group-name soft 
clear ip bgp peer-group peer-group-name soft 


clear ip bgp peer-group peer-group-name soft 


clear ip bgp peer-group peer-group-name soft 


Syntax Description: 
®  AS-number—Resets all neighbors in the specified autonomous system. 
© = neighbor-ip-address—Resets the specified BGP neighbor. 
© = peer-group-name—Resets all neighbors in the specified peer group. 
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Purpose: To reset a BGP connection. BGP neighbor connections can be reset based on the 
neighbor's IP address, the neighbor’s autonomous system number, or the peer group name. 
You must reset a BGP connection when any of the following have been modified or added to: 


© BGP access list 

© BGP distribute list 

© BGP route map 

© BGP timers 

© BGP weights 

* BGP administrative distance 


Clearing a BGP connection without the soft keyword causes the neighbor relationship to 
transition from Established to Idle. The neighbor relationship is then reestablished, and the 
new routing policies take effect. If the soft keyword is used, the session is not reset, and all 
routing updates are resent. When you use the soft in option, the local BGP configuration 
should include the neighbor soft-reconfiguration command (see section 8-30), Using the 
soft in option is memory-intensive. Using soft out for outbound reconfiguration does not 
incur additional memory overhead. Using soft in out is equivalent to using just soft. 


Cisco IOS Software Release: 10.0 
15-21: clear ip bgp dampening 


15-22: clear ip bgp dampening prefix mask 
Syntax Description: 
° — prefix—Prefix of the dampened route to clear, 
* —mask—Mask of the dampened route to clear. 


Purpose: To clear dampening information for all dampened routes or for a specific 
dampened route. Suppressed routes will be unsuppressed. 


Cisco IOS Software Release: | 1.0 
15-23: clear ip bgp flap-statistics 


15-24: clear ip bgp flap-statistics prefix mask 


316 Chapter 15: BGP clear Commands 


15-25: clear ip bgp flap-statistics filter-list /ist-numbe 


15-26: clear ip bgp flap-statistics regexp regular- 
expression 


15-27: clear ip bgp neighbor-ip-address flap-statistie: 
Syntax Description: 
© — prefix—Prefix of the dampened route to clear, 
© = mask—Mask of the dampened route to clear. 
© — list-number—Number of the IP access list used to identify prefixes to be ¢| ea 


° — regular-expression—Clear statistics for routes matching the regular expressic 


° = neighbor-ip-address—Clear flap statistics of routes received from the ne 
Purpose: To clear the flap statistics for all routes or for specific routes. See sec 
through 3-12 regarding the configuration of BGP dampening. 


Cisco LOS Software Release: | 1.0 


| ee CHAPTER 


BGP debug Commands 


16-1: debug ip bgp 


} Syntax Description: This command has no arguments. 
Purpose: Use to debug the formation of the BGP neighbor relationship. 
} Cisco IOS Software Release: 10.0 


Configuration Example 
In Figure 16-1, Router B has been configured with the wrong AS number for Router A. 


Figure 16-1 Use debug ip bgp to Determine Configuration Errors 


199.172.1,0/24 200.1.1.0/24 
199.172.2.0/24 200.1.2.0/24 
199.172.3.0/24 oe = 200.1.3.0/24 
199.172.4.0/24 geal SSA 200.1.4.0/24 


eo hed ke 


172.17.1.2 172.17.1.1 


Router A 

router bgp 1 
neighbor 172.17.1.1 remote-as 2 
; Router B 
| router bgp 2 

neighbor 172.17.1.2 remote-as 2 


Use debug ip bgp to identify the problem with the formation of the neighbor relationship 
between Routers A and B: 
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rtrB#debug ip bgp 
rtrBtclear ip bgp * 
1d@3h: BGP: 172.17. 
1d@3h: BGP: 172.17. 
1d@3h: BGP: 172.17. 
1d@3h: BGP: 172.17. 
1d@3h: BGP: 172.17. 
1d@3h: BGP: 172.17. 
Wd@3h: BGP: 172.17. 
1d@3h: BGP: 172.17. 
1d@3h: BGP: 172.17. 


went from Idle to Active 

open active, delay 5492ms 

open active, local address 172.17.1.4 

went from Active to OpenSent 

sending OPEN, version 4, my as: 2 

send message type 1, length (incl. header) 41 
rcv message type 1, length (excl. header) 10 
rcv OPEN, version 4 

rcv OPEN w/ OPTION parameter len: @ 


1d@3h: BGP: 172.17.1.2 went from OpenSent to Closing 7 


1d@3h: BGP: 172.17.1.2 local error close, erroneous BGP update received 
1dO3h: BGP: 172.17.1.2 went from Closing to Idle 
1dO@3h: BGP: 172.17.1.2 closing 


ee ee ae ee ee a ee | 
MN NN hw Mw ND fe 


Correct the remote AS number in the neighbor statement on Router B, but use an ine 
IP address for Router A: 


Router 6 
router bgp 2 
neighbor 172.17.1.3 remote-as 1 


Clear the connection and observe the debug output: 


rtrB4debug ip bgp 
rtrB#clear ip bgp * 


1d@4h; BGP: 172,17.1.3 open active, local address 172.17.1.1 


16-2: debug ip bgp neighbor-ip-address updates 


16-3: debug ip bgp neighbor-ip-address updates acceé 
list-number 
Syntax Description: 
® neighbor-ip-address—BGP neighbor's IP address. 
* access-list-number—IP access list number. 


Purpose: To debug BGP updates from a particular neighbor. The first form debu 
updates from the neighbor. The second form can be used to debug specific updates’ 
neighbor. The IP access list number can be in the range 1 to 199 or 1300 to 2699. 


Cisco IOS Software Release: 10.0 
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Example 1: Debug All Updates to and from a Particular Neighbor 


In Figure 16-2, Router A is advertising four prefixes to Router B, and Router B is 
advertising four prefixes to Router A, Debug all the updates received from and sent to 
Router A. 


Figure 16-2 Debug All Updates from a Neighbor 


199.172.1.0/24 200.1.1.0/24 
199.172.2.0/24 200.1.2.0/24 
199.172.3.0/24 “7 200.1.3.0/24 
199.172.4.0/24 gea—eeadlii ee, —-200.1.4.0/24 


172.17,.1.2 172.17.1.1 


Router A 

interface loopback 1 

ip address 199.172.1.1 255.255.255. 
! 

interface loopback 2 

ip address 199.172.2.1 255.255.255.0 
! 

interface loopback 3 

ip address 199.172.3.1 255.255.255.0 
! 

interface loopback 4 

ip address 199.172.4.1 255.255.255.0 
! 

router bgp 1 

network 199.172.1.0 

network 199.172.2.0 
network 199.172.3.0 
network 199.172.4.0 
neighbor 172.17.1.1 remote-as 2 
Router B 

interface loopback 1 

ip address 200.1.1.1 255.255.255.909 
! 

interface loopback 2 

ip address 200.1.2.1 255.255.255.08 
! 

interface loopback 3 

ip address 200.1.3.1 255.255.255.0 
! 

interface loopback 4 

ip address 200.1.4.1 255.255.255.98 
! 


continues 
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Example 2: Debug Specific Updates to and/or from a Particulaf 
Neighbor 


(Continued) 

router bgp 2 

network 200.1.1.0 

network 200.1.2.0 

network 200.1.3.0 

network 200.1.4.8 

neighbor 172.17.1.2 remote-as 1 


Verify that Routers A and B have formed a BGP neighbor relationship, and then debug } 
updates on Router B: [ 


rtrBédebug ip bgp 172.17.1.2 updates 
BGP updates debugging is on for neighbor 172.17.1.2 
clear ip bgp 172.17.1.2 


rtrBe 
01:58:38: BGP(@): 172.17.1.2 computing updates, afi @, neighbor version 0, 
version 1, starting at 0.0.0.0 r 
01:58:38: BGP(0): 172.17.1.2 update run completed, afi @, ran for Oms, neighbe 
version @, start version 1, throttled to 1 a 
01:58:39; BGP(@): 172.17.1.2 revd UPDATE w/ attr: nexthop 172.17.1.2, origin & 
metric @, path 1 
1:58:39: BGP(®): 172.17. 
01:58:39: BGP(®): 172.17. 
01:58:39: BGP(@): 172.17. 
01:58:39: BGP(®): 172.17. revd 199.172.4.0/24 
@1:59:09: BGP(®): 172.17.1.2 computing updates, afi @, neighbor version 1, tabi 
version 9, starting at 0. 0. @.0 
01:59:09: BGP(®): 172.17.1.2 send UPDATE (format) 200.1.1.0/24, next 172.17.19 
metric 0, path 
01:59:09: BGP(®): 172.17.1.2 send UPDATE (prepend, chgflags: 0x208) 200.1. 
next 172.17.1.1, metric @, path 
01:59:09: BGP(@): 172.17.1.2 send UPDATE (prepend, chgflags: 0x208) 200.1.3.1 
next 172.17.1.1, metric @, path 
01:59:09: BGP(®): 172.17.1.2 send UPDATE (prepend, chgflags: 0x208) 200.1.4-0); 
next 172.17.1.1, metric ®, path 
01:59:09: BGP(®): 172.17.1.2 1 updates enqueued (average=64, maximum=64) 
@1:59:09: BGP(@): 172.17.1,2 update run completed, afi @, ran for Oms, nes 
version 1, start version 8, throttled to 9 


revd 199,172.1.0/24 
revd 199.172.2.0/24 
revd 199,.172.3.0/24 


ah ck ek ok eh 
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For this example, debug only updates from Router A regarding network 199.172.3.0. 
debug the prefix 200.1.2.0 from Router B to Router A: 
Router B 


access-list 1300 permit 199.172.3. 
access-list 1300 permit 200.1.2.0 0 


@.8.0.255 
@.0.255 
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(Continued) 
rtrBéedebug ip bgp 172.17.1.2 updates 1300 
BGP updates debugging is on for access list 130@ for neighbor 172.17.1.2 


rtrBéclear ip bgp * 
@2:08:59: BGP(®): 172.17.1.2 rcevd UPDATE w/ attr: nexthop 172.17.1.2, origin i, 


metric ®, path 1 

@2:08:59: BGP(®): 172.17.1.2 revd 199.172.2.0/24 

@2:09:25: BGP(®): 172.17.1.2 send UPDATE (prepend, chgflags: ®x208) 200.1.2.0/24, 
next 172,17,1.1, metric @, path 


16-4: debug ip bgp dampening 


16-5: debug ip bgp dampening access-list-number 
Syntax Description: 
© — access-list-number—IP access list number. 


Purpose: To debug BGP events associated with dampening. The first form debugs all 
dampening events. The second form debugs only dampening events associated with routes 
identified by the IP access list. The IP access list number can be in the range from | to 199 
or 1300 to 2699. Although it isn’t necessary, use logging to store the results so that you can 
review them later. 


Cisco LOS Software Release: 10.0 


Example: Debug All BGP Dampening Events 


In Figure 16-3, Router A is advertising network 199.172.2.0/24 via BGP to Router B. 
Dampening is enabled on Router B, and the 199.172.2.0/24 network on Router A is flapped 
by alternately bringing the interface up and down. 


Figure 16-3 Scenario for Debugging BGP Dampening 


Flapping route 
199.172.2.0/24 , 


172.17.1.2 17217.1.1 
Down Down 
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Router A 
interface loopback 1 
ip address 199.172.2.0 255.255.255.90 


router bgp 1 
neighbor 172.17.1.1 remote-as 2 
Router B 

router bgp 2 

bgp dampening 

neighbor 172.17.1.2 remote-as 1 


After Routers A and B have established a neighbor relationship, enable BGP dar 
debugging on Router B, and flap the loopback interface on Router A: 


Router B 
logging buffered 


rtrB#debug ip bgp dampening 
rtrB4show logging 

Syslog logging: enabled (0 messages dropped, ® flushes, @ overruns) 
Console logging: level debugging, 297 messages logged 
Monitor logging: level debugging, @ messages logged 

Buffer logging: level debugging, 63 messages logged 

Trap logging: level informational, 52 message lines logged 


Log Buffer (4096 bytes): 
03:26:07: BGP(@): Created dampening structures with halflife time 15, 
reuse/suppress 7520/2000 q 
@3:26:43; BGP(®): charge penalty for 199.172.2.0/24 path 1 with halflife-time © 
reuse/suppress 7520/2000 
03:26:43: BGP(@): flapped 1 times since 00:00:00. New penalty is 1000 
@3:27:39: BGP(@): charge penalty for 199.172.2.0/24 path 1 with halflife-time 
reuse/suppress 750/200 é 
@3:27:39: BGP(®): flapped 2 times since 00:00:56. New penalty is 1961 3 
03:28:32: BGP(@): charge penalty for 199.172.2.0/24 path 1 with halflife-time 
reuse/suppress 750/2000 
03:28:32: BGP(®): flapped 3 times since 00:01:49. New penalty is 2886 ia 
@3:29:05: BGP(®): suppress 199.172.2.0/24 path 1 for 00:28:40 (penalty 2819) 
03:29:05: halflife-time 15, reuse/suppress 750/2000 
03:57:52: BGP(®@): Unsuppressed 199.172.2.0/24, path 1 


If you want debugging information for a particular prefix, use the second form 0 
command. For example, to debug dampening for prefix 199.172.2.0/24, use the foHow 
configuration: 


Router B 
access-list 1 permit 199.172.2.@ 0.0.0.255 


rtrBedebug ip bgp dampening 1 


16-7: debug ip bgp keepalives 325 


16-6: debug ip bgp events 
Syntax Description: This command has no arguments. 
Purpose: To debug events relating to the BGP neighbor relationship. 
Cisco IOS Software Release: 10.0 


Example: Debug the Formation of the Neighbor Relationship 
Enable BGP event debugging, and then clear the connection between the BGP neighbors: 


rtrAf#fdebug ip bgp events 

BGP events debugging is on 

rtrA@clear ip bgp * 

rtrAdé 

tw3d: BGP: reset all neighbors due to User reset 

tw3d: BGP; 172.17.1.1 went from Active to Idle 

iw3d: BGP: 172.17.1.1 went from Idle to Active 

iw3d: BGP: scanning routing tables 

lw3d: BGP: 172.17.1.1 went from Active to Idle 

tw3d: BGP: 172.17.1.1 went from Idle to Connect 

iw3d: BGP: 172.17.1.1 went from Connect to OpenSent 

iw3d: BGP: 172.17.1.1 went from OpenSent to OpenConfirm 

dw3d: BGP: 172.17.1.1 went from OpenConfirm to Established 

iw3d: BGP: 172.17.1.1 computing updates, neighbor version @, table version 5, 
starting at 9.0,0.0 

Iw3d: BGP: 172.17.1.1 update run completed, ran for ms, neighbor version 0, 
Start version 5, throttled to 5, check point net 0.0.0.0 


16-7: debug ip bgp keepalives 
Syntax Description: This command has no arguments. 


Purpose: To debug keepalive messages sent between BGP neighbors. To configure the 
Keepalive internal, see sections 8-31 and 13-1. 


Cisco IOS Software Release: 10.0 


Example: Debug BGP Keepalive Messages 
Enable BGP keepalive message debugging between any two BGP neighbors: 


rtrBedebug ip bgp keepalives 
BGP keepalives debugging is on 


rtrBe 
1d@6h: BGP: 172.17.1.2 sending KEEPALIVE 
1d@6h: BGP: 172.17.1.2 KEEPALIVE revd 
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16-8: debug ip bgp in neighbor-ip-address updates 


16-9: debug ip bgp in neighbor-ip-address updates 
access-list-number 


16-10: 


16-11: 
access-list-number 


16-12: 


16-13: 
16-14: 
16-15: 
16-16: 


16-17: 


debug ip bgp out neighbor-ip-address updates 


debug ip bgp out neighbor-ip-address updates 


debug ip bgp updates 

debug ip bgp updates in 

debug ip bgp updates out 

debug ip bgp updates access-list-number 


debug ip bgp updates access-list-number in — 


debug ip bgp updates access-list-number out 
Syntax Description: 

© —neighbor-ip-address—BGP neighbor's IP address. 

© — access-list-number—IP access list number. 
Purpose: To debug BGP updates. The IP access list number can be in the range 1 to 
1300 to 2699. 


Cisco LOS Software Release: 10.0 
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Example 1: Debug All BGP Updates 


In Figure 16-4, Router A is advertising four prefixes to Router B, and Router B is 
advertising four prefixes to Router A. Debug all the updates on Router B. 


Figure 16-4 Debug All Updates from a Neighbor 


199.172.1.0/24 
199.172.2.0/24 
199.172.3.0/24 
199.172.4 0/24 


172.17.1.2 


Router A 
interface loopback 1 
ip address 199.172.1.1 255.255.255.0 
! 
interface loopback 2 
ip address 199.172.2.1 255.255.255.0 
t 
interface loopback 3 
ip address 199.172.3.1 255.255.255.0 
! 
interface loopback 4 
ip address 199.172.4.1 255.255.255.0 
! 
router bgp 1 
network 199.172.1.® 
network 199.172.2.0 
network 199.172.3.0 
network 199,172.4.@ 
neighbor 172.17.1.1 remote-as 2 
Router B 
interface loopback 1 
ip address 200.1.1.1 255,255.255.0 
! 
interface loopback 2 
ip address 200.1.2.1 255.255.255.0 
! 
interface loopback 3 
ip address 200.1.3.1 255.255.255.080 
! 
interface loopback 4 
ip address 200.1.4.1 255.255.255.0 


172.17.1.1 


200,1,1.0/24 
200.1.2.0/24 
200.1,3.0/24 
200.1,4.0/24 


continues 
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Example 2: Debug Input Updates 


(Continued) 

router bgp 2 

network 200.1.1.0 

network 200.1.2.0 

network 200.1.3.@ 

network 200.1.4.0 

neighbor 172.17.1.2 remote-as 1 


rtrBédebug ip bgp updates 
BGP updates debugging is on 
rtrBéclear ip bgp * 
2d03h: BGP(@): 172.17.1.2 send UPDATE (format) 200.1.1.0/24, next 172.17.1.4 
metric @, path “a 
2d@3h: BGP(@): 172.17.1.2 send UPDATE (prepend, chgflags: ®x208) 200.1.2.0/a4. 
next 172.17.1.1, metric @, path — 
2d@3h: BGP(@): 172.17.1.2 send UPDATE (prepend, chgflags: 0x208) 200.1.3 
next 172.17.1.1, metric ®, path 4 
2d03h: BGP(@): 172.17.1.2 send UPDATE (prepend, chgflags: @x208) 200.1.4,0/24 
next 172.17.1.1, metric @, path _ 
2d03h: BGP(®): 172.17.1.2 1 updates enqueved (average=64, maximum=64) 
2d@3h: BGP(@): 172.17.1.2 update run completed, afi 0, ran for Oms, neighbor 
version @, start version 5, throttled to 5 
2d03h: BGP(@): 172.17.1.2 revd UPDATE w/ attr: nexthop 172.17.1.2, origin 5 
metric @, path 1 7 
2d0@3h: BGP(®): 172.17.1.2 revd 199.172.1.0/24 
2d@3h: BGP(@): 172.17.1.2 revd 199.172.2.0/24 
2d03h: BGP(®): 172.17.1.2 revd 199.172.3.0/24 
2d@3h: BGP(®): 172.17.1.2 revd 199.172.4.0/24 


Debug BGP updates on Router B for routes received from Router A. 


rtrBedebug ip bgp updates in 

BGP updates debugging is on (inbound) 

etrbé#clear ip bgp * 

2d03h: BGP(@): 172.17.1.2 revd UPDATE w/ attr: nexthop 172.17.1.2, origin 2 

metric @, path 1 

2d03h: BGP(@): 172.17.1.2 rovd 199.172.1.0/24 

2d03h: BGP(@): 172.17.1.2 rovd 199.172.2.0/24 
2 
2 


2d03n: BGP(®@): 172.17.1.2 rcvd 199.172.3.0/24 


2d03h: BGP(®): 172.17.1.2 revd 199.172.4.0/24 
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Example 3: Debug Output Updates for Specific Prefixes Sent to All 
BGP Neighbors 
Debug BGP updates on Router B for local prefixes 200. 1.2.0 and 200.1.3.2: 
Router B 


access-list 1 permit 200,.1.2.0 0.0.1.255 


rtrBedebug ip bgp updates 1 out 
BGP updates debugging is on for access list 1 (outbound) 
rtrBéclear ip bgp * 


2d@3h: BGP(®): nettable_walker 200.1.2.0/24 route sourced locally 

2d@3h: BGP(@): nettable walker 200.1.3.0/24 route sourced locally 

2d@3h: BGP(®): 172.17.1.2 send UPDATE (prepend, chgflags: @x2@8) 200.1.2.0/24, 
next 172.17.1.1, metric 0, path 

2d@3h: BGP(@): 172.17.1.2 send UPDATE (prepend, chagflags: @x2@8) 200.1.3.0/24, 
next 172.17.1.1, metric ®, path 


Example 4: Debug Input Updates for Specific Prefixes Received 
from a Specific BGP Neighbor 
Debug updates for prefixes 199.172.2.0 and 199.172.3.0 received from Router A: 


Router B 
access-list 2 permit 199.172.2.9 0.0.1.255 


rtrBedebug ip bgp in 172.17.1.2 updates 2 
BGP updates debugging is on for access list 2 for neighbor 172.17.1.2 (inbound) 
rtrBéclear ip bgp * 

p2# 

2d03h: BGP(®): 172.17.1.2 rcvd UPDATE w/ attr: nexthop 172.17.1.2, origin i, 
metric @, path 1 

2d03h; BGP(@): 172.17.1.2 rovd 199.172.2.0/24 

2d@3h: BGP(@): 172.17.1.2 rovd 199.172.3.0/24 


APPENDIX A 


RFC 1771: Border Gateway 
Protocol 4 


The objective of this appendix is to present the concepts and terminology contained in RFC 
1771 in order to help you understand the operation of BGP. Many of the details have been 
omitted, such as packet format and contents. These topics are of interest to developers of the 
code that runs on a BGP-capable router. Border Gateway Protocol (BGP) is an interauto- 
nomous system routing protocol. An autonomous system (AS) is a network or group of 
networks that are under a common administration and that have common routing policies. 
BGP is used to exchange routing information for the Internet and is the protocol used between 
Internet service providers (ISPs). Customer networks, such as universities and corporations, 
usually employ an Interior Gateway Protocol (IGP) such as Routing Information Protocol 
(RIP) or Open Shortest Path First (OSPF) for the exchange of routing information within their 
networks. Customers connect to ISPs, and ISPs use BGP to exchange customer and ISP 
routes. When BGP is used between autonomous systems. the protocol is called External BGP 
(EBGP). If a service provider uses BGP to exchange routes within its AS, the protocol is 
called Interior BGP (IBGP), Figure A-1 illustrates this distinction. 


BGP is a very robust and scalable routing protocol, as evidenced by the fact that BGP is the 
routing protocol employed on the Internet. Currently, the Internet BGP routing tables have more 
than 90,000 routes. In order to achieve scalability at this level, BGP uses many route parameters, 
called attributes, to define routing policies and maintain a stable routing environment. 


In addition to BGP attributes, BGP uses Classless Interdomain Routing (CIDR) to reduce the 
size of the Internet routing tables, For example, assume that an ISP owns the IP address block 
195.10.x.x from the traditional Class C address space. This block consists of 256 Class C 
address blocks, 195.10.0.x to 195.10.255.x. Assume that the ISP assigns a Class C block to each 
of its customers. Without CIDR, the ISP would advertise 256 Class C address blocks to its BGP 
peers. With CIDR, BGP can supernet the address space and advertise one block, 195.10.x.x. 
This block is the same size as a traditional Class B address block. The class distinctions are 
rendered obsolete by CIDR, allowing a significant reduction in the BGP routing tables. 


BGP neighbors exchange full routing information when the TCP connection between neighbors 
is first established. When changes to the routing table are detected, the BGP routers send to their 
neighbors only those routes that have changed. BGP routers do not send periodic routing 
updates, and BGP routing updates advertise only the optimal path to a destination network. 
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Figure A-1 External and Interior BGP 
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BGP Attributes 


Routes leamed via BGP have associated properties that are used to determine the best rou 
destination when multiple paths exist. These properties are called BGP attributes. A 
standing of how BGP attributes influence route selection is required for the design 
networks. This section describes the attributes that BGP uses in the route selection pre 


© = Weight 
© Local preference 


© Miulti-exit discriminator 


° Origin 
© ~=6AS_path 
©  Next-hop 
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Weight Attribute 


Weight is a Cisco-defined attribute that is local to a router. The weight attribute is not 
advertised to neighboring routers, If the router learns about more than one route to the same 
destination, the route with the highest weight is preferred. In Figure A-2, Router A is 
receiving an advertisement for network 172.16.1.0 from Routers B and C. When Router A 
receives the advertisement from Router B, the associated weight is set to 50. When Router 
A receives the advertisement from Router C, the associated weight is set to 100, Both paths 
for network 172.16.1.0 will be in the BGP routing table with their respective weights. The 
route with the higher weight will be installed in the IP routing table. 


Figure A-2. BGP Weight Attribute 
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Local Preference Attribute 


The local preference attribute is used to prefer an exit point from the local autonomous 
system. Unlike the weight attribute, the local preference attribute is propagated throughout 
the local AS. If there are multiple exit points from the AS, the local preference attribute is 
used to select the exit point for a specific route. In Figure A-3, AS 100 is receiving two 
advertisements for network 172.16.1.0 from AS 200. When router A receives the 
advertisement for network 172.16.1.0, the corresponding local preference is set to 50. 
When router B receives the advertisement for network 172,.16.1.0, the corresponding local 
preference is set to 100. These local preference values are exchanged between routers A and 
B. Because router B has a higher local preference than router A, router B is used as the exit 
point from AS 100 to reach network 172.16.1.0 in AS 200. 
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Figure A-3 BGP Local Preference Attribute 
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Multi-Exit Discriminator Attribute 


The multi-exit discriminator (MED) or metric attribute is used as a suggestion to 
external AS regarding the preferred route into the AS that is advertising the metr 


I say “suggestion” because the external AS that is receiving the MEDs might be 
BGP attributes for route selection. We will cover the rules of route selection in th 
section. In Figure A-4, Router C is advertising the route 172.16.1.0 with a metri 
Router D is advertising 172.16.1.0 with a metric of 5. The lower value of the n 
preferred, so AS 100 selects the route to router D for network 172.16.1.0 in AS 21 
are advertised throughout the local AS, 


Origin Attribute 


The origin attribute indicates how BGP learned about a particular route. The ori gin a 
can have one of three possible values: 


© I1GP—The route is interior to the originating AS. This value is set when the® 
router configuration command is used to inject the route into BGP. 

© EGP—The route is learned via the Exterior Gateway Protocol (EGP). 

R 


Incomplete—The origin of the route is unknown or is learned some other ' 
origin of Incomplete occurs when a route is redistributed into BGP. 


The origin attribute is used for route selection. It is covered in the next section. 
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Figure A-4 BGP Multi-Exit Discriminator Attribute 
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AS_path Attribute 


When a route advertisement passes through an autonomous system, the AS number is added 
to an ordered list of AS numbers that the route advertisement has traversed. Figure A-5 
shows a situation in which a route is passing through three autonomous systems. 


AS|1 originates the route to 172.16.1.0 and advertises this route to AS 2 and AS 3 with the 
AS_ path attribute equal to {1}. AS 3 advertises back to AS 1 with AS_path attribute {3,1}, 
and AS 2 advertises back to AS 1 with AS_path attribute {2,1}. AS 1 rejects these routes 
when its own AS number is detected in the route advertisement. This is the mechanism that 
BGP uses to detect routing loops. AS 2 and AS 3 propagate the route to each other, with 
their AS number added to the AS_path attribute. These routes will not be installed in the IP 
routing table, because AS 2 and AS 3 are learning a route to 172.16.1.0 from AS | with a 
shorter AS-path list. 


Next-Hop Attribute 


The EBGP next-hop attribute is the IP address that is used to reach the advertising router. 
For EBGP peers, the next-hop address is the IP address of the connection between the peers. 
For IBGP, the EBGP next-hop address is carried into the local AS, as shown in Figure A-6. 
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Figure A-5 BGP AS_Path Attribute 
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Figure A-6 BGP Next-Hop Attribute 
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Router C advertises network 172.16.1.0 with a next hop of 10.1.1.1. When Router A 
propagates this route within its own AS, the EBGP next-hop information is preserved. If router 
B does not have routing information regarding the next hop, the route is discarded, Therefore, 
it is important to have an IGP running in the AS to propagate next-hop routing information. 


Community Attribute 


The community attribute provides a way of grouping destinations, called communities, to which 
routing decisions (such as acceptance, preference, and redistribution) can be applied. Route maps 
are used to set the community attribute. The predefined community attributes are as follows: 


© no-export—Do not advertise this route to EBGP peers, 
® no-advertise—Do not advertise this route to any peer. 


® internet—Advertise this route to the Internet community; all routers in the network 
belong to it. 
Figure A-7 illustrates the no-export community. AS | advertises 172.16.1.0 to AS 2 with 


the community attribute no-export. AS 2 propagates the route throughout AS 2 but does not 
send this route to AS 3 or to any other external AS. 


Figure A-7 BGP No-Export Community Attribute 
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In Figure A-8, AS 1 advertises 172.16.1.0 to AS 2 with the community attribute no- 
advertise. Router B in AS 2 does not advertise this route to any other router. 
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Figure A-8 BGP No-Advertise Community Attribute 
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Community = No Export ; 
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Figure A-9 demonstrates the internet community attribute. There are no limitations to tl 
scope of the route advertisement from AS |. 


BGP attributes are classified as either well-known or optional. Well-known attribute 
further classified as mandatory or discretionary. A well-known mandatory attribute 
present in the BGP UPDATE message. A well-known discretionary attribute mt . 
recognized by all BGP speakers, but its presence in an UPDATE message is optional. Tab 
A-1 lists the well-known BGP attributes. 


Weil-Known BGP Attributes 
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Figure A-9 BGP Internet Community Attribute 
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Optional attributes are either transitive or nontransitive. If an optional attribute is not known 
by the receiving BGP speaker, the BGP speaker determines whether the attribute is 
transitive or nontransitive by examining a bit in the UPDATE message. If the attribute is 
transitive, the BGP speaker passes the attribute to other BGP speakers. If the attribute is 
nontransitive, the attribute is discarded and is not advertised to other BGP speakers. Table 
A-2 lists the optional BGP attributes. 


Table A-2 Optional BGP Attributes 


ee 
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BGP Path Selection 


BGP can receive multiple advertisements for the same route from multiple sources. BC 


selects only one path as the best path, After the path is selected, BGP puts it in the IP r 
table and propagates the path to its neighbors. BGP uses the following criteria, in the org 
listed, to select a path for a destination: 


rene a BGP Connection 


transition adie rere Perper gore of areianese relations! 
shown in Figure A-10. 


Ignore a route if the next hop is not known. 
Ignore IBGP routes that are not synchronized. 
Prefer the route with the largest weight. 

Prefer the route with the largest local preference. 
Prefer the route that was locally originated. 


Prefer the route with the shortest AS path. If you’re using bgp bestpath as-path 
ignore, skip this step. When you use the as-set option for aggregated rou 
counts as | regardless of the number of AS entries in the set. Confederation si 
numbers are not used to determine the AS-path length. 

Prefer the route with the lowest origin (IGP < EGP < Incomplete), 
Prefer the route with the lowest MED. This comparison is only between routes 
advertised by the same external AS. 


If you're using bgp always-compare-med, compare MEDs for all paths. 
If used, this command needs to be configured on every BGP router in the 
AS. 


If you’re using bgp bestpath med-confed, the MEDs are compared only 
for routes that have an AS confederation sequence in their AS-path 
attribute. 


If a prefix is received with no MED value, it is assigned a MED value of 0. — 
If you're using bgp bestpath med missing-as-worst, a prefix with a 
missing MED value is assigned a MED value of 4,294,967 ,294. 
Prefer EBGP routes to IBGP routes. 

Prefer the route with the nearest IGP neighbor. 

Prefer the oldest route. 

Prefer the path received from the router with the lowest router ID. 
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Figure A-10 States in the Formation of a BGP Neighbor Relationship 


Open Open - 


The Idle state usually represents the condition in which BGP has not been enabled on the 
router, or a particular neighbor relationship has been shut down, When a connection is 
initiated through either router configuration or the removal of the shut-down state for a 
particular neighbor, BGP moves to the Connect state. 


In the Connect state, BGP waits for a TCP connection to be established with the remote 
neighbor. If the TCP connection is established, an Open message is sent, and the Open Sent 
state is entered. If the TCP connection is not established, the Active state is entered. While 
in the Active state, the router continues to listen for a connection. 


In the Open Sent state, the router waits for an Open message from the remote neighbor. If 
there are errors in the Open message, a notification message is sent to the neighbor, and the 
local router enters the Idle state. 


If the Open message contains no errors, a keepalive message is sent, and the holdtime is set 
to the negotiated value, The Open Confirm state is then entered. If the BGP neighbors are 
in the same AS, the BGP connection is internal. If the BGP neighbors are in different 
autonomous systems, the connection is external. 


In the Open Confirm state, BGP waits for a keepalive or notification message. If a keepalive 
message is received, the connection moves to the Established state. If a keepalive message 
is not received before the hold timer expires, a notification message is sent, and the state 
transitions to Idle. 


In the Established state, the BGP neighbors can exchange update, notification, and 
keepalive messages. Whenever BGP changes its state from Established to Idle, it closes the 
BGP and TCP connection, releases all resources associated with that connection, and 
deletes all routes derived from that connection, 


Table A-3 lists additional references available from http://www.nexor.com/index-rfc.htm 
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Table A-3 BGP-Related RFCs 


2918 Route Refresh Capability for BGP-4 j 
2858 Multiprotocol Extensions for BGP-4 i 


2842 Capabilities Advertisement with BGP-4 1 


2796 BGP Route Reflection—An Alternative to Full-Mesh IBGP j 
2547 BGP/MPLS VPNs a 


2545 Use of BGP-4 Multiprotocol Extensions for IPv6 Inter-Domain Routing 
2439 BGP Route Flap Damping 


2385 Protection of BGP Sessions via the TCP MD5 Signature Option 


2283 Multiprotocol Extensions for BGP-4 


ty 
= 
tv 


Registering New BGP Attribute Types 


Ht i 
\ \P | —4 =| 


} 


An Application of the BGP Community Attribute in Multi-Home Routing 
1997 BGP Communities Attribute 
1966 BGP Route Reflection—An Alternative to Full-Mesh IBGP 


1965 Autonomous System Confederations for BGP 


1863 A BGP/IDRP Route Server Alternative to a Full-Mesh Routing 
1774 BGP-4 Protocol Analysis 


1773 Experience with the BGP-4 Protocol 


i 
i mN } 


APPENDIX 


Regular Expressions 


A regular expression is a sequence of one or more characters that can be used for two 
general purposes. The first purpose is to reduce the output from various show commands. 
For example, if you wanted to view the routing protocols that are active on a router, you 
could use show running-config and scroll through the output until you came to the section 
of the configuration that contained the routing configurations. Or, you could use an output 
modifier with a regular expression to display only those lines containing a router 
configuration command: 


rtrA#show running-config | include router 
router eigrp 1 


router bap 2 


This code uses the output modifier include and the regular expression router to reduce the 
amount of output from the show running-config command. Each line of output from this 
command is examined, and if the pattern router is contained in the line, the line is displayed. 
You could use the same regular expression with a different output modifier to display the 
configuration, starting with the router configurations and everything that follows: 


p2#show running-contfig | begin router 
router eigrp 1 
network 10.0.0. 
network 172.17... 
! 
router bgp 2 
network 20@.1.1. 
network 200.1.2.0 
neighbor 1@.1.1.2 remote-as 2 
neighbor 172.17.1.2 remote-as 1 
! 
line con @ 
exec-timeout 0 2 
transport input none 
line aux 0 
line vty @ 4 
login 
! 
end 


346 Appendix B: Regular Expressions 


Having the capability to reduce the output of show commands is very useful with B 
your BGP routers contain the entire Internet routing table, using the show ip bgp co 
displays tens of thousands of routes. If you are interested in only a particular prefix, they 
of a regular expression greatly reduces the amount of output: 


rtrA#show ip bgp | include 200.1 
BGP table version is 8, local router ID is 200.1,4.1 


*> 200.1.1.0 0.0.0.0 0 32768 i 
*> 200.1.2.0 0.0.0.0 @ 32768 i 
*> 200.1.3.0 0.0.0.0 0 32768 i 
*> 200.1.4.0 0.0.0.0 @ 32768 I 


Table B-1. 


Table B-1 Regular Expressions: Special Characters 


Matches any single character, including white space. 


Matches one or more sequences of the pattern. 
Matches zero or one occurrence of the pattern. 


Matches zero or more sequences of the pattern. 


Matches the beginning of the string a 
Matches the end of the string. 


_ (underscore) Matches a comma (,), left brace ({), right brace (}), left parenthesis ((), right — 
parenthesis ()), the beginning of the string, the end of the string. or a space. 


Here are some examples: 
© — c* matches any occurrence of the letter c in the line, including no occurrences of the k t 
© ¢+ matches one or more occurrences of the letter c in the line. 
* ca?B matches cb or caB. 


If you want to use one of the special characters in Table B-1 as a regular charactef, pre 
it with a backslash (\). For example, \$ matches the dollar sign character, \+ matches 
plus sign character, and \_ matches the underscore character. 


Square brackets are used to specify a range of single characters. Here are some examp 


© [Aa] matches either the single character A or a. 
© = [1-35-7] matches a single character with the value 1, 2, 3, 5, 6, or 7. 
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© A[bB] Matches a line that begins with b or B. 


@ = [2-5]$ Matches a line that ends with 2, 3, 4, or 5. The caret (“) is used to reverse the 
meaning of the characters within the bracket. 


© [41-3] Matches any occurrence of the characters 0 and 4 through 9. 


Obviously, you can get carried away with the complexity of a regular expression. 


The second general purpose of the regular expression is in an autonomous system path 
filter. BGP can filter incoming or outgoing updates based on the AS path information. 
A BGP router prepends its own AS number on the AS path list for every prefix that is 
advertised. Table B-2 lists common regular expressions for use in AS path filters. 


Table B-2 Common Regular Expressions for AS Path Filters 


a, (ite: ee ae 
a 
ee 
og Tee oad 


Routes containing AS 3. 


Aggregate route using the as-set option. Routes from AS | and AS 2 form 
the aggregate. 


(65530) Confederation peer. The peer is in AS 65530. 


The format of an AS path filter is 


ip as-path access-list list_number permit regular_expression 


or 


ip as-path access-list list_number deny regular_expression 


The AS path filter can be used to filter incoming or outgoing routes based on AS path 
information. An AS path filter can also be used in a route map to selectively modify BGP 
attributes based on the prefix’s AS path. 


APPENDIX 


Route Map Logic 


A route map is an extremely powerful and versatile tool for route filtering and attribute 
manipulation. In regards to BGP, route maps are used in the following commands: 


aggregate-address address mask advertise-map route-map-name 
aggregate-address address mask as-set route-map-name 
aggregate-address address mask attribute-map route-map-name 
aggregate-address address mask route-map route-map-name 
aggregate-address address mask suppress-map route-map-name 
bgp dampening route-map route-map-name 

neighbor ip-address advertise-map route-map-name non-exist-map route-map-name 
neighbor ip-address default-originate route-map route-map-name 

neighbor ip-address route-map route-map-name in 

neighbor ip-address route-map route-map-name out 

neighbor ip-address unsuppress-map route-map-name 

redistribute protocol route-map route-map-name 


These commands allow you to filter routes, manipulate BGP attributes, or both. The logic 
of route maps is demonstrated in Figure C-1. 


Figure C-1 Scenario for Illustrating Route Map Logic 
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172.16.2.0/24 
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Router A 
interface loopback 0 

ip address 172.16.1.0 255,.255.255.9 
H 
interface loopback 1 

ip address 172.16.2.0 255.255.255.0 
i 


continues 
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(Continued) 

interface loopback 2 

ip address 192.16.1.0 255.255.255.8 

t 
interface loopback 3 

ip address 192.16.2.0 255.255.255.0 

{ 

router bgp 1 

network 172.16.1.0 mask 255.255.255.0 
network 172.16.2.0 mask 255.255.255.090 
network 192.16.1.2 

network 192.16.2.0 

neighbor 172.17.1.2 remote-as 2 
Router 6 

router bgp 2 

neighbor 172.17.1.1 remote-as 1 


Before continuing, verify that Router B is receiving the four network advertisements | 0 
Router A. 


rtrBéfshow ip bgp 

BGP table version is 5, local router ID is 172.17.1.2 
Status codes: $s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
*> 172.16.1.0/24 172.17.1.1 i) @1i 
*> 172.16.2.0/24 W247 644 v1) @1i 
*> 192.16.1.@ Ve satctat i) Oii 
*> 192.16.2.0 W2ITiAA Q @1i 


Router 8 
router bgp 2 
neighbor 172.17.1.1 remote-as 1 


The BGP neighbor configuration command references the route map by name and 
indicates whether the route map is an input or output route map. route-map state 
numerically ordered and are executed in numerical order. Because we are using ¢ 
route-map statement, the number of the route-map statement really has no effect. 
route-map statement consists of a line referencing the name of the route map, thes 
number associated with the route-map statement, and the keyword permit or de 
form used here might seem a bit strange, but we want to investigate the effect of 
empty route-map statement. List the BGP table on router B to determine the effect © 
empty route map. 
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rtrB#show ip bgp 

BGP table version is 5, local router ID is 172,17.1.2 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weigh 
*> 172.16.1.0/24 172.17.1.1 ® 
*> 172.16.2.0/24 172,17.1.1 i] 
192.16.1.9 V72.17.1.1 Q 
ts) 


ath 


192.16.2.0 172.17.1.1 


t F 
@1 
@1 
@1i 
@ 1 


The empty form of the route-map permit statement allows all routes. This is handy in 
certain situations. This form is equivalent to permit any in an IP access list. Now change 
the route map from permit to deny. 

Router B 


router bgp 2 
neighbor 172.17.1.1 remote-as 1 


Does this have the opposite effect as the permit form? List the BGP table on Router B to 
find out. 


rtrB#show ip bgp 


The deny form of the empty route map denies all routes. 


A route map has four basic forms. The numbered route-map statement can contain either 
a permit or deny. The match clause, if used, can also be either a permit or deny. 
Therefore, there are four permutations that we want to investigate: 


* route-map permit/match permit 
* route-map permit/match deny 

*  route-map deny/match permit 

* route-map deny/match deny 


For each of these forms, we need to determine under which conditions the routes are 
accepted, and if the execution of the route map is terminated or if the next route-map 
statement is executed. 


The first and second forms are probably the most familiar. We want a route map to permit 
selected routes to be accepted from Router A while denying all others. For this example, 
permit only the 172.16.1.0/24 network. 
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router bgp 2 = 
neighbor 172.17.1.1 remote-as 1 


When routing updates are received from Router A, each prefix is processed by the ir 
route map. Because we are using the permit form of the route map, only those prefi 
are permitted by the access list are allowed. Remember that an IP access list has an i 
deny all as the last statement. This implicit deny all blocks all routes that are not permitte 
by the access list. 


rtrBéshow ip bgp 
BGP table version is 2, local router ID is 172.17.1.2 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 
*> 172.16,1.0/24 TTZAT TA ® ®itr 


In order to determine if the route map terminates execution when a match is made, a dd 
another route-map statement to the route map on Router B: 


router bgp 2 
neighbor 172.17.1.1 remote-as 1 
neighbor 172.17.1.1 route-map demo in 
! 
access-list 1 permit 172.16.1.8 0.0.0.255 
route-map demo permit 10 
match ip address 1 


Using set metric 77 allows us to determine if the route map terminates for either permt 
or denied routes. List the BGP table on Router B to determine the result: 


rtrBéshow ip bgp 
BGP table version is 5, local router ID is 172.17.1.2 i 
Status codes: $s suppressed, d damped, h history, * valid, > best, i - internat 
Origin codes: i - IGP, e - EGP, ? - incomplete 


Network Next Hop Metric LocPrf Weight Path 


*> 172.16.1.0/24 172.17.1.1 a oa = 

*> 172.16.2.0/24 W72.4%al,.1 77 o 1) 

*> 192.16.1.0 172.17.1.1 77 @ 1 
192.16.2.8 W217 5401 77 @14 
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When there is a match using the permit statement, the route is accepted and the route map 
is terminated—at least for that route. When there is a match using a deny statement. the route 
is not accepted, but execution continues to the next route-map statement. If there is no other 
route-map statement, all remaining routes are rejected. The 172.17.1.1 route is permitted in 
the IP access list, so the route is permitted, and the execution of the route map is terminated. 
This is evident because the metric for this route is unchanged. The other routes are denied 
by the IP access list, so the routes are not accepted by the first route-map statement. But 
because the routes are denied, the execution of the route Map continues to the second 
statement. We have proven this because the remaining routes have a metric of 77, 


The third and fourth forms of a route map contain a deny in the route-map statement. 
Change the route-map statement to a deny, but do not change the IP access list: 


router bgp 2 
neighbor 172.17.1.1 remote-as 1 


! 
access-list 1 permit 172.16.1.0 @.0.0.255 


This will permit 172.16.1.0/24 to be denied by the route map. What happens to the other 
prefixes? Are they rejected to be denied? 


rtrB#show ip bgp 


Yes, all routes are denied. The important question is, when do the other routes get denied? Are all 
routes being denied by the route-map statement? We can find out by modifying the route map. 


router bgp 2 
neighbor 172.17.1.1 remote-as 1 
neighbor 172.17.1.1 route-map demo in 
! 
access-list 1 permit 172.16.1.0 0.0.0.255 
route-map demo deny 10 
match ip address 1 
! 
route-map permit 20 


List the BGP table for Router B to determine the answer to the preceding question. 


rtrB#show ip bgp 

BGP table version is 4, local router ID is 172.17.1.2 

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 


ath 


Network Next Hop Metric LocPrf Weigh t 
i 
i 
I 


*> 192.16.1.0 VF26T7 OT st 


t P 
*> 172.16.2.0/24 172.17.1,1 1 
1 
*> 192.16.2.0 172,17.1.1 @1 


354 Appendix C: Route Map Logic 


The first statement in the route map denies only the 172.16.1.0/24 route. Because 
were no more statements in the route map, however, the effect was to deny all routes. 
an empty route-map statement, which we have seen acts like a permit any, the ro 
specifically denied by route-map statement |0 are now permitted by statement 20. We can 
now formalize the logic associated with route maps. “sy 


Form 1: permit/permit 


With form 1, the recommended form, if a match is made, accept the route, set the attr 
(if you're using a set clause), and exit the route map. Otherwise, continue to the next r 
map statement: 

access-list 1 permit ip-address/mask 
or 

ip as-path access-list number permit regular-expression 
or 

ip prefix-list name permit prefix/length 
or | 


ip community-list number permit community-number 


route-map name permit sequence-number 
match ip address access-list-number 


or 

match as-path access-list-number 
or 

match ip address prefix-list list-name 
or 


match community community-list-number 


Form 2: permit/deny . 
If a match is made, deny the route and exit the route map. 
access-list 1 permit ip-address/mask 
or 


ip as-path access-list number permit regular-expression , 
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SO 


or 
ip prefix-list name permit prefix/length 
or 


ip community-list number permit community -number 


route-map name deny sequence-number 
match ip address access-list-number 


or 

match as-path access-list-number 
or 

match ip address prefix-list list-name 
or 


match community community-list-number 


Form 3: deny/permit 
If a match is made, deny the route and exit the route map: 
access-list 1 deny ip-address/mask 
or 
ip as-path access-list number deny regular-expression 
or 
ip prefix-list name deny prefix/length 


or 


ip community-list number deny community -number 


route-map name permit sequence-number 
match ip address acoess-list-number 


or 

match as-path eccess-list-number 
or 

match ip address prefix-list list-name 
or 


match community community -list-number 
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Form 4: deny/deny 

If a match is made, accept the route and continue to the next route-map statement: 
access-list 1 deny ip-address/mask 

or 
ip as-path access-list number deny regular-expression 

or 
ip prefix-list name deny prefix/length 

or 


ip community-list number deny community-number a 


route-map name permit sequence-number 
match ip address access-list-number 


or 
match as-path access-list -number 
or 4 
match ip address prefix-list list-name 
or 


match community community-list-number 


The recommended form is form |. Use a permit in the route-map statement, and then 
permit or deny as needed in the IP access list, as-path list, prefix list, or community list 
! 
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auto-summary, 39-42 
bgp always-compare-med, 45-50 
bgp bestpath 
as-path ignore option, 50-54 
med confed option, 55-58 
med missing-as-worst option, 59-62 
bgp clear, 313-316 
bgp client-to-client reflection, 62-66 
. bgp cluster-id, 66-69 
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accepted prefixes field (show ip bgp neighbors 
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configuring, 212-213 
route filtering, 205-206 
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Address family IPy4 Multicast field (show ip bgp 


neighbors command), 307 
Address family IPv4 Unicast field (show ip bgp 
neighbors command), 306 
addresses, classful, 243 
administrative distance 
best path, selecting, 248-250 
modifying, 103-106 
verifying. 106 
advertisement runs field (show ip bgp neighbors 
command), 307 
advertising, 243 
conditional default routes, 133-135 
default routes, 95-97 
directly connected networks, 243-245 
primary route while suppressing secondary 
route, 119-124 
aggregate-address command, 3-36 
as-set advertise-map option, 17—24 
as-set option, 12-17 
attribute-map option, 24 
route-map option, 24-29 
summary-only option, 29-32 
suppress-map option, 33-36 
aggregation 
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18-24 
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redistributed routes, 8 
static routes, 11-12, 245-246 
suppressing more-specific routes, 29-32 
suppressing subset of more-specific routes, 
33-36 
verifying configuration, 10 
appending AS path information to routes, 215 
applying route dampening to flapping routes, 78-79 
AS field (show ip bgp summary command), 311 
AS MED values, comparing, 46—50, 60 
AS numbers, prepending, 214 
AS_path attribute, 335 
access lists, displaying corresponding 
dampened prefixes, 297 
appending to routes, 215 
as route filtering criteria, 210-211 
filtering with regular expressions, 347 
as-set advertise-map option (aggregate-address 
command), 17-24 
as-set option (aggregate-address command), 12-17 
assigning 
BGP router IDs, 91—93 
metrics to redistributed routes, 98-100 
atomic-aggregate attribute, 6 
attribute-map option (aggregate-address 
command), 24 
attributes, 331 
as best path selection criteria, 50-62 
AS path, appending to routes, 215 
AS_path, 335 
atomic-aggregate, 6 
community, 337-339 
NO-EXPORT community value, 
configuring, 225-227 
local preference, 333 
modifying, 84-86 
manipulating, 208 
with route maps, 212-218 
MED 
comparing from different ASs, 60 
deterministic best path selection, 86 
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multi-exit discriminator (MED), 334 
next-hop, 335-337 
of aggregate routes, modifying, 24-29 
origin, 334 
selective manipulation, 209 
weight, 333 
configuring for local router, 239 
setting, 170-174 
authentication (MD5), enabling, 182—183 
automatic route summarization, 40-42 
configuration, verifying, 42 
troubleshooting, 43 
auto-summary command, 39-42 


backdoor option (network command), 247-250 
best path, 115 
selecting, 45-46, 248-250, 340 
based on route attributes, 50-62 
deterministic selection, 86 
bgp always-compare-med command, 45-50 
bgp bestpath as-path ignore command, 50-54 
bgp bestpath med confed command, 55-58 
bgp bestpath med missing-as-worst command, 
59-62 
BGP clear commands, 313-316 
bgp client-to-client reflection command, 62-66 
bgp cluster-id command, 66-69 
bgp confederation peers command, 70-75 
bgp dampening route-map command, 76~84 
bgp default local-preference command, 84-86 
bgp deterministic-med command, 86 
bgp fast-external-failover command, 87-91 
bep log-neighbor-changes command, 89 
BGP neighbor field (show ip bgp neighbors 
command), 306 
BGP router identifier field (show ip bgp summary 
command), 311 
bep router-id command, 91-93 
BGP state field (show ip bgp neighbors 
command), 306 
BGP table, adding aggregate entries, 3-11 
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BGP table version field 
show ip bgp flap-statistics command, 302 
show ip bgp neighbors command, 306-307 
show ip bgp output command, 286 , 
show ip bgp summary command, 31] 

BGP version, locking down, 238-239 


CIDR (Classless Interdomain Routing), 331 
classful addresses, 243 | 
clear commands, 313-316 
soft keyword, 315 
clearing connections, 143 
client-to-client reflection, configuring, 62-65 
cluster IDs, 66 
commands 
aggregatc-address, 3-36 
as-set advertise-map option, 17-24 
as-set option, 12-17 
attribute-map option, 24 i 
route-map option, 24-29 
summary-only option, 29-32 
suppress-map option, 33-36 
auto-summary, 39-42 
bgp always-compare-med, 45-50 
bgp bestpath 
as-path ignore option, 50-54 
med confed option, 55-58 - 
med missing-as-worst option, 59-62 
bgp clear, 313-316 
bgp client-to-client reflection, 62-66 
bgp cluster-id, 66-69 
bgp confederation peers, 70-75 
bgp dampening route-map, 76-84 
bgp default local-preference, 84-86 
bgp deterministic-med, 86 
bgp fast-external-failover, 87-91 
bgp log-neighbor-changes, 89 
bgp router-id, 91-93 
debug ip bgp, 319-329 ' 
default-information originate, 95-97 
default-metric, 98-100 


distance, 103-106 
distribute-list. See neighbor distribute-list 
command 
maximum-paths, | 13-116 
neighbor advertise map, 119-124 
neighbor advertisement-interval, 124—128 
neighbor default-originate, 128-133 
neighbor description, 136-137 
neighbor distribute-list in, 137-143 
neighbor distribute-list out, 143-149 
neighbor ebgp-multihop, 149-151 
neighbor filter-list in, 151-160 
neighbor filter-list out, 161-170 
neighbor filter-list weight, 170-174 
neighbor maximum-prefix warning-only, 
175-179 
neighbor next-hop-self, 180-182 
neighbor originate route-map, 133-135 
neighbor password, 182-183 
neighbor peer-group, 184-187 
neighbor prefix-list in, 187-192 
neighbor prefix-list out, 193-197 
neighbor remote-as, 198-201 
neighbor remove-private-as, 202-204 
neighbor route-map in, 204-211 
neighbor route-map out, 212-218 
neighbor route-reflector-client, 218-224 
neighbor send-community, 226-227 
neighbor shutdown, 227-228 
neighbor soft-reconfiguration inbound, 
229-230 
neighbor timers, 230-231 
neighbor unsuppress-map, 231-234 
neighbor update-source, 234-238 
neighbor version, 238-239 
neighbor weight, 239 
network, 243-247 
backdoor option, 247-250 
mask parameter, 246 
redistribute protocol, 253-258 
redistribute protocol metric metric, 258-263 
show, 285-311 
show ip bgp, 43 
filter-list option, 297 
fiap-statistics option, 301-303 
inconsistent-as option, 303 
output, fields, 286 
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show ip bgp neighbors, 305-308 
output, 115-116 
show ip bgp paths, output, 309 
show ip bgp summary, 310-311 
output, fields, 310-311! 
show ip route, output, 116-117 
summary-address. See aggregate-address 
command 
synchronization, 273-277 
timers bgp, 279-282 
community attribute, 337-339 
displaying corresponding prefixes, 294-296 
modifying, 215-218 
NO-EXPORT community value, configuring, 
225-227 
Community attribute field (show ip bgp neighbors 
command), 307 
comparing MED values from different ASs, 
46-50, 60 
complex regular expressions, 346 
conditional default routes, configuring, 133-135 
confederations, 71-75 


configuring 
access lists 
extended, route filtering, 207 
standard, 212-213 


automatic route summarization, 40-42 
auto-summarization, verification, 42 
default routes, 128-130 
conditional, 133-135 
input distribute lists, 138-143 
local preference, default value, 84-86 
loop detection, 66-69 
multiple default routes, 130-133 
ouput distribute lists, 143-149 
route dampening, 76-78 
default, 77-80 
route maps, 204-211 
route reflection, 62-65 
redundancy, 66-69 
TCP sessions, 198-201 
updates, minimum interval, 125-127 
weight attribute, | 70-174 
Connect state, 341 
connected networks, selective redistribution, 
264-268 
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connected routes, redistribution, 258-263 
verifying, 261-262 
Connection state field (show ip bgp neighbors 
command), 307 
connections 
clearing, 143 
forming, 340-341 
resetting, 315 
status, displaying, 310 
TCP, enabling MD5 authentication, 182-183 
Connections established field (show ip bgp 
neighbors command), 307 
creating 
connections, 340-341 
neighbor relationships, 149-151 
peer groups, 184-187 
customizing 
attributes, local preference, 84-86 
dampening parameters, 81-82 


D 


dampened routes 
clearing information, 315 
configuring, 76-78 
customized parameters, route maps, 82-84 
default configuration, 77-80 
events, debugging, 323-324 
prefixes, displaying in routing table, 296 
viewing, 80 
Datagrams Revd field (show ip bgp neighbors 
command), 308 
debug ip bgp command, 319-329 
default configuration 
local preference, 84-86 
route dampening, 77-80 
default routes 
advertising, 95-97 
conditional, 133-135 
configuring, 128-130 
verifying configuration, 97 
default-information originate command, 95-97 
default-metric command, 98-100 
delrecvwnd field (show ip bgp neighbors 
command), 308 


E 


deny/deny route map form, 356 
deny/permit route map form, 355 
description option (neighbor command), 136-134 
deterministic best path selection, 86 
devices, icons for, xxiv 
directly connected networks, advertising, 243-24: 
displaying q 
AS path access lists, corresponding damper 
prefixes, 297 y 
connection status, 310 
dampened routes, 80 
prefixes in routing table, 296 
natural masks in routing table, 293 
neighbor statistics, 305-306 
neighbor status change events on console, 96 
peer group statistics, 310 i 
prefixes 
belonging to specified community, 
294-296 
in BGP routing table, 287 
routing table entries, 285-286 
flap statistics, 301-302 
inconsistent originating ASs, 303-305. 
specified prefix in BGP routing table, 28 
distance command, 103-106 ue 
distribute-list command. See neighbor distribu 
command 
distribute-list option (neighbor command), 137-14 
documentation, BGP-related RFCs, 342 
dropped field (show ip bgp neighbors 
command), 307 
Duration field (show ip bgp flap-statistics 
command), 303 


f 


EBGP (External BGP), 331 

next-hop attribute, 335-337 

TCP sessions, configuring, 198-201 
ebgp-multihop option (neighbor command), 

149-151 re. 

EIGRP, redistributing learned routes, 258-263 
empty route maps, effect of, 350-351 
entries (BGP routing table), displaying, 
Established state, 341 
establishing TCP sessions, 198-201 


Inbound path policy field (show ip bgp neighbors command) 365 


Event Timers Table field (show ip bgp neighbors 
command), 308 
events, debugging 
dampening-related, 323-324 
neighbor relationship-related, 325 
example configuration 
automatic route summarization, 40-42 
synchronization, 273-275 
extended access lists, route filtering, 207 
external link field (show ip bgp neighbors 
command), 306 


F 


fast external failover, 87-88 
verifying configuration, 88 
fields 
show ip bep command output, 286 
show ip bgp flap-statistics command output, 
displaying, 302-303 
show ip bgp neighbors command output, 
306-308 
show ip bgp paths command output, 309 
show ip bgp summary command output, 
310-311 
filtering 
AS paths with regular expressions, 347 
distribute lists 
input, 138-143 
output, 143-149 
route maps, 204-211 
internal logic, 349-350 
updates based on AS path information, 151-160 
incoming route updates, 187-192 
outgoing route updates, 156—170, 
193-197 
filter-list in option (neighbor command), 15]—160 
filter-list option (neighbor command), 170-174 
filter-list out option (neighbor command), 161-163, 
167-170 
Flags field (show ip bgp neighbors command), 308 
flapping routes 
dampening, 76-78 
customized parameters, 81-84 
default configuration, 77-80 
fast external failover, 87-88 


penalties for, 77 
statistics 
clearing, 316 
displaying, 301-302 
Flaps field (show ip bgp flap-statistics 
command), 303 
For address family field (show ip bgp neighbors 
command), 307 
Foreign host, Foreign port field (show ip bgp 
neighbors command), 307 
forming 
connections, 340-341 
neighbor relationships, 149-151 
peer groups, 184-187 
From field (show ip bgp flap-statistics 
command), 303 
full mesh, configuring, 70-75 
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half-life of route flap penalties, 77 
hold time field (show ip bgp neighbors 
command), 306 
hold timers 
configuring, 230-231, 279-281 
troubleshooting, 282 
verifying configuration, 281 
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IBGP (Interior BGP), 331 
full mesh, configuring, 70-75 
synchronization, 273-277 
speakers, configuring as route reflectors, 
219-224 
TCP sessions, configuring, 198-201 
icons for network devices, xxiv 
Idle neighbor relationships, 315 
Idle state, 341 
IGPs (Interior Gateway Protocols), 331 
Inbound path policy field (show ip bgp neighbors 
command), 307 


366 incoming route updates 


incoming route updates 

debugging, 328 

filtering, 187-192 
input distribute lists, configuring, 138-143 
InQ field (show ip bgp summary command), 311! 
inserting 

aggregate entries in BGP table, 3-11 

descriptions in BGP configurations, 136-137 
installing learned routes in IP routing table, 113-116 
IP addresses 

classful, 243 

community lists, 296 
IP routing table, adding learned paths, 113-116 
irs field (show ip bgp neighbors command), 308 


K 


keepalive interval field (show ip bgp neighbors 
command), 306 
keepalive messages, debugging, 325 
keepalive timers 
configuring, 230-231, 279-281 
troubleshooting, 282 
verifying configuration, 281 
keywords, show ip bep community command, 294 
known networks, 243 
KRTT field (show ip bgp neighbors command), 308 


L 


Last read field (show ip bgp neighbors 
command), 306 
Last reset field (show ip bgp neighbors 
~ command), 307 
leaking routes to neighbors, 231-234 
learned routes 
adding to routing table, 113-116 
aggregation, 8-10 
IBGP, synchronization, 273-277 
limiting, 175-179 
redistribution 
EIGRP, 258-263 
non-BGP, 253-258 
selective, 264-268 


limiting 

learned routes, 175-179 

output of show commands, 345 
Local host, Local port field (show ip bgp neighth 

command), 307 ¥r 

local preference attribute, 333 

default value, configuring, 84-86 

modifying, 84-86 
local router ID field a 

show ip bgp flap-statistics command, 302 

show ip bgp output, 286 d 
local routes, aggregating, 3-8 
locking down BGP version, 238-239 
LocPrt field (show ip bgp output), 286 
logging neighbor relationship changes, 89-91 
logic of route maps, 349-350 

deny/deny form, 356 

deny/permit form, 355 

permit/deny form, 354 

permit/permit form, 354 
loop detection, configuring, 66-69 
loopback interfaces, configuring, 235-238 


main routing table version field (show ip bgp 
summary command), 311 
manipulating attributes, 208 
with route maps, 212-218 
mask parameter (network command), 246 
maximum-paths command, 113-116 
maximum-prefix option (neighbor command), 
175-179 
maxRTT field (show ip bgp neighbors 
command), 308 
MDS (Message Digest 5) authentication, ena 
182-183 * 
MED (multi-exit discriminator) attribute, 334 
comparing from different ASs, 46-50, 
deterministic best path selection, 86 
memory, logging neighbor status changes to, 7¥~ 
messages 
keepalive, debugging, 325 
UPDATE, 76-77 
WITHDRAWN, 76-77 


Metric field (show ip bgp output), 286 
metrics, assigning to redistributed routes, 98—100 
minimum interval between updates, configuring, 
125-127 
minRTT field (show ip bgp neighbors 
command), 308 
modifying 
administrative distance, 103-106 
attributes 
aggregate route, 24-29 
community, 215-218 
local preference, 84-86 
next-hop information, 180-182 
MsgRevd field (show ip bgp summary 
command), 31] 1 
MsgSent field (show ip bgp summary 
command), 311 
mul-in field (show ip bgp neighbors command), 307 
mul-out field (show ip bgp neighbors 
command), 307 
multi-exit discriminator (MED) attribute, 334 
multiple default routes, configuring, 130-133 
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natural masks, 292 
displaying in routing table, 293 
neighbor advertise-map command, 119-124 
neighbor advertisement-interval command, 124-128 
Neighbor capabilities field (show ip bgp neighbors 
command), 306 
neighbor default-originate command, 128-133 
neighbor description command, 136-137 
neighbor distribute-list in command, 137-143 
neighbor distribute-list out command, 143-149 
neighbor ebgp-multihop command, 149-151 
Neighbor field (show ip bgp summary 
command), 311 
neighbor filter-list command 
in option, 151-160 
out option, 161-170 
weight option, 170-174 
neighbor maximum-prefix warning-only command, 
175-179 


next-hop-self option (neighbor command) 367 


neighbor next-hop-self command, 180-182 
neighbor originate route-map command, 133-135 
neighbor password command, | 82-183 
neighbor peer-group command, 184-187 
neighbor prefix-list command 
in option, 187-192 
out option, 193-197 
neighbor relationships 
creating, 149-151 
Idle, 315 
inbound soft reconfiguration, configuring, 229 
logging changes in, 89-9] 
peer groups 
creating, 184-187 
verifying configuration, 64-65 
routes, leaking, 231-234 
shutting down, 228 
statistics, displaying, 305-306 
neighbor remote-as command, 198-201 
neighbor remove-private-as command, 202-204 
neighbor route-map command 
in option, 204-211 
out option, 212-218 
neighbor route-reflector-client command, 218-224 
neighbor send-community command, 226-227 
neighbor shutdown command, 227-228 
neighbor soft-reconfiguration inbound command, 
229-230 
neighbor timers command, 230-231. See also timers 
bgp command 
neighbor unsuppress-map command, 231-234 
neighbor update-source command, 234-238 
neighbor version command, 238-239 
neighbor version field (show ip bgp neighbors 
command), 307 
neighbor weight command, 239 
network command, 243-247 
backdoor option, 247—250 
mask parameter, 246 
Network field (show ip bgp fiap-statistics 
command), 303 
Network field (show ip bgp output), 286 
Next Hop field (show ip bgp output), 286 
next-hop attribute, 335, 337 
next-hop information, modifying, 180-182 
next-hop-self option (neighbor command), 180-182 
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NO-EXPORT community value, 
configuring, 225-227 

non-BGP learned routes, redistribution, 253-258 

nonconnected EBGP neighbors, configuring, 
150-151 

nonnatural masks, 292 

nontransitive optional attributes, 339 

notifications field (show ip bgp neighbors 
command), 307 
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Open Confirm state, 341 

Open Sent state, 341 

optional attributes, 338-339 

options 

aggregate-address command 
as-set, 12-17 
as-Set advertise-map, 17-19, 21-24 
attribute-map, 24 
route-map, 24-29 
summary-only, 29-32 
suppress-map, 33-36 
neighbor command 

ebgp-multihop, 149-151 
filter-list, 170-174 
filter-list in, 151-160 
filter-list out, 161-163, 167-170 
maximum-prefix, 175-179 
next-hop-self, 180-182 
password, 182-183 
peer group, 184-187 
prefix-list, 187-192 
prefix-list out, 193-197 
remote-as, 198-201 
remove-private-as, 202—204 
route-map in, 204-211 
route-map out, 212-217 
route-reflector-client, 218-224 
send-community, 225-227 
shutdown, 227-228 
soft-reconfiguration inbound, 229-230 
timers, 230-231 
unsuppress-map, 231—234 
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update-source, 234-237 
version, 238-239 
weight, 239 
origin attribute, 334 
Origin codes field (show ip bgp flap-statisties 
command), 302 . 
Origin codes field (show ip bgp output), 286 
ouput distribute lists, configuring, 143-149 
Outbound path policy field (show ip bgp neighbe 
command), 3()7 
outgoing route updates, filtering, 193-197 
based on AS path information, 161-162, 
164-170 rm 


output 
show commands, reducing, 345 

show ip bgp command, fields, 286 

show ip bgp flap-statistics command, fields, 

302-303 ; 

show ip bgp neighbors command, ia 

306-308 

show ip bgp summary command, fields; 

310-311 U 

output distribute lists, configuring, 148 

output modifiers, BGP routing table entries, 

displaying, 291-292 
output updates, debugging. 329 P 
OutQ field (show ip bgp summary comman a ] 


parameters, route dampening, 77 
customizing, 81-82 
password option (neighbor command), 182 
path attributes (BGP), atomic aggregate, on 
Path field (show ip bgp flap-statistics 
command), 303 
Path field (show ip bgp output), 286 
path selection, 340 
peer group option (neighbor command), ! 
peer groups 
creating, 184-187 
next-hop information, modifying, 180-18 
statistics, displaying, 310 
verifying configuration, 64-65 
penalizing flapping routes, 77 


permit/deny route map form, 354 
permil/permit route map form, 354 
permitting route advertisement, 213 
Prefix advertised field (show ip bgp neighbors 
command), 307 
prefixes. See also dampened routes 
advertising, 245-246 
aggregating from different ASs, 12-17 
corresponding BGP table entry, displaying, 287 
corresponding communities, displaying, 
294-296 
learned routes, limiting, 175-179 
primary, advertising, 119-124 
route flaps, 76-77 
dampening, 77-80 
penalties for, 77 
secondary, suppressing, 119-124 
subset from different ASs, aggregation, 
18-24 
prefix-list option (neighbor command), 187-192 
prefix-list out option (neighbor command), 193-197 
prepending AS numbers, 214 
private AS numbers, removing from updates, 
202-204 


R 


revnxt field (show ip bgp neighbors command), 308 
revwnd field (show ip bgp neighbors command), 308 
Received field (show ip bgp neighbors 

command), 307 
redistribute protocol command, 253-258 
redistribute protocol metric metric command, 

258-263 
redistributed routes 

aggregating, 8 
connected routes, verifying, 261-262 
learned routes 

non-BGP, 253-258 

adding to routing table, 113-116 

aggregation, 8-10) 

IBGP, synchronization, 273-277 
metrics, assigning to, 98-100 
selective, 264-268 


route reflectors 369 


reducing output from show commands, 345 
redundant route reflectors, configuring, 66-69 
regular expressions, 345 
complex, 346 
filtering AS paths, 347 
special characters, 346 
remote AS field (show ip bgp neighbors 
command), 306 
remote router ID field (show ip bgp neighbors 
command), 306 
remote-as option (neighbor command), 198-201 
remove-private-as option (neighbor command), 
202-204 
removing private AS numbers in updates, 202-204 
resetting 
BGP connections, 315 
connections, 143 
restricting 
learned routes, 175-179 
output of show commands, 345 
Reuse field (show ip bgp flap-statistics 
command), 303 
RFCs, BGP-related, 342 
route dampening 
configuring, 76-78 
default configuration, 77-80 
parameters, customizing, 81-82 
route filtering 
based on AS path information, 210-211 
with standard access lists. 212-213 
route flaps, 76-77 
route maps 
AS path filters, 347 
configuring, 204-211 
dampening parameters, configuring, 82-84 
deny/deny form, 356 
deny/permit form, 355 
empty, effect of, 350-351 
logic of, 349-350 
permit/deny form, 354 
permit/permit form, 354 
route reflectors 
clusters, 66 
configuring, 62-65, 219-224 
redundancy, 66-69 
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Route refresh field (show ip bgp neighbors 
command), 306-307 
route-map in option, neighbor command, 204-211 
route-map option, aggregate-address command, 
24-29 
route-map out option (neighbor command), 212-217 
router IDs, assigning, 91-93 
route-reflector-client option (neighbor command), 
218-224 
routing protocols learned routes redistribution, 
253-258 
routing table 
dampened prefixes, displaying, 296 
displaying, 285-286 
flap statistics, displaying, 301-302 
inconsistent originating ASs, displaying, 
303-305 
natural masks, displaying, 293 
prefixes, displaying corresponding 
communities, 294-296 
prefixes, displaying, 287 
RTTO field (show ip bgp neighbors command), 308 
RTYV field (show ip bgp neighbors command), 308 


S 


security, enabling MDS authentication, 182-183 
selecting best path, 45-46, 248-250 
based on route attributes, 30-62 
deterministic best path, 86 
selecting paths, 340 
selective attribute manipulation, 209 
selective redistribution, 264-268 
send-community option (neighbor command), 
* 225-227 
Sent field (show ip bgp neighbors command), 
307-308 
setting 
hold timers, 279-281 
keepalive timers, 279-281 
show commands, 285-311 
output, reducing, 345 
show ip bgp command, 43 
output fields, 286 
show ip bgp filter-list command, 297 


show ip bgp flap-statistics command, 301-303 
show ip bgp inconsistent-as command, 303 
show ip bgp neighbors command, 305-308 
output, 115-116 
show ip bgp paths command, output fields, 309 
show ip bgp summary command, 310-311 . 
show ip route command, output, 116-117 
shutdown option (neighbor command), 227-228 
shutting down neighbor relationships, 228 
sndnxt field (show ip bgp neighbors command), 3 
snduna field (show ip bgp neighbors comman 
sndwnd field (show ip bgp neighbors 
command), 308 
soft keyword (clear commands), 315 
soft-reconfiguration inbound option (neighbor 
command), 229-230 
speakers 
full mesh, configuring, 70-75 
route reflectors 
clusters, 66 
configuring, 219-224 
states of, 341 rr. 
special characters for regular expresssions, 346° 
square brackets in regular expressions, 346 
SRTT field (show ip bgp neighbors command), 30: 
stability, implementing with loopback interfaces, 
235-238 
standard access lists 
configuring, 212-213 
route filtering, 205-206 
State/PfxRed field (show ip bgp summary 
command), 311 
states of BGP speakers, 341 
static routes 
aggregation, | 1-12, 245-246 
metrics, assigning to, 98-100 
redistribution, 258-263 
selective redistribution, 264-268 
statistics, displaying 
neighbors, 305-306 
peer groups, 310 
Status codes field (show ip bgp flap-statistics 
command), 302 } 
Status codes field (show ip bgp output), 286 
summary-address command. See aggregate-adare 
command 


2. 


summary-only option (aggregate-address 
command), 29-32 
suppressed field (show ip bgp neighbors 
command), 307 
suppressing 
more-specific routes, 29-32 
secondary route while advertising primary 
route, 119-124 
subset of more-specific routes, 33-36 


suppress-map option (aggregate-address command), 


33-36 
synchronization 
troubleshooting, 277 
verifying configuration, 276 
synchronization command, 273-277 
syslog, logging neighbor relationship 
changes, 89-9] 


T 


Tbl Ver field (show ip bgp summary command), 311 


TCP sessions, configuring, 198-201 
terminating neighbor relationships, 228 
timers bgp command, 279-282 
timers option (neighbor command), 230-23] 
topologies, configuring full mesh, 70-75 
total data bytes field (show ip bgp neighbors 
command), 308 
transitive optional attributes, 339 
troubleshooting 
administrative distance configuration, 106 
auto-summarization, 43 
default route advertisement, 97 
IP routing table, installed routes, 117 
synchronization, 277 
timer configuration, 282 


U 


UNIX syslog, logging neighbor relationship 
changes, 89-91 

unread input bytes field (show ip bgp neighbors 
command), 307 


viewing 371 


unsuppress-map option (neighbor command), 
231-234 
up for field (show ip bgp neighbors command), 306 
Up/Down field (show ip bgp summary 
command), 311 
updates, 76-77 
debugging, 327-329 
filtering 
based on AS path information, 
151-170 
incoming updates, 187-192 
outgoing updates, 193-197 
minimum interval, configuring, 125-127 
private AS numbers, removing, 202—204 
to/from specific neighbor, debugging, 321-322 
update-source option (neighbor command), 234-237 


V 


V field (show ip bgp summary command), 311 
verifying 
administrative distance, 106 
aggregate address configuration, 10 
auto-summiarization configuration, 42 
BGP timer configuration, 281 
confederation peer relationships, 74-75 
default route configuration, 97 
fast external failover configuration, 88 
installed routes in IP routing table, 116-117 
peer group configuration, 64-65 
redisribution 
of connected routes, 261-262 
of non-BGP learned routes, 256-258 
synchronization, 276 
version option (neighbor command), 238-239 
viewing 
BGP connection status, 310 
BGP neighbor statistics, 305-306 
BGP peer group statistics, 310 
BGP routing table, 285-286 
dampened prefixes, 296 
dampened routes, 80 
natural masks in routing table, 293 
neighbor status change events on console, 90 


prefixes and corresponding communities, 
294-296 
routing table entries 
flap statistics, 301-302 
inconsistent originating ASs, 303-305 


W-Z 


weight attribute, 333 
configuring for local routes, 239 
setting, 170-174 
Weight field (show ip bgp output), 286 
weight option (neighbor command), 239 
well-known attributes, 338-339 
with data field (show ip bgp neighbors 
command), 308 
withdrawn field (show ip bgp neighbors 
command), 307 
WITHDRAWN messages, 76-77 
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Introduction 


Border Gateway Protocol (BGP) allows the aggregation of specific routes into one route using the 
aggregate—address address mask [as—set] [summary-—only] [suppress—map map—name] 

[advertise—map map—name] [attribute-map map—name] command. When you configure 
aggregate—address without any arguments, it doesn't inherit the attributes (such as as_path or community) of 
the individual routes, which causes a loss of granularity. The purpose of this document is to illustrate how to 
manipulate the different attributes when using the aggregate—address command and to influence its 
propagation. 


Network Diagram 


160.20.0.0/16 160.10.0.0/16 


3.3.3.0/8 


Router B 


Router A 


Router D 


Aggregating without the as-set Argument 


Using the as—set argument creates an aggregate address with a mathematical set of autonomous systems 
(AS). This as—set summarizes the as_path attributes of the all of the individual routes. We'll use the sample 


Cisco — Understanding Route Aggregation in BGP 


configurations below to examine this feature and how it helps BGP detect and avoid loops. 


Current configuration: 


hostname RouterA 
! 


interface Seriall 


ip address 2.2.2.2 255.0.0.0 
i] 


router bgp 100 
network 160.20.0.0 
!-— Network 160.20.0.0/16 advertised by Router A 


neighbor 2.2.2.1 remote-as 300 
! 


end 


Current configuration: 


hostname RouterB 
! 


interface SerialO 


ip address 3.3.3.3 255.0.0.0 
i] 


router bgp 200 
network 160.10.0.0 
!---— Network 160.10.0.0/16 advertised by Router B 


neighbor 3.3.3.1 remote-as 300 
! 


end 


Current configuration: 


hostname RouterC 
! 
interface Serial0 
ip address 2.2.2.1 255.0.0.0 
! 
interface Seriall 
ip address 3.3.3.1 255.0.0.0 
! 
interface Serial2 


ip address 4.4.4.1 255.0.0.0 
! 


router bgp 300 

neighbor 2.2.2.2 remote-as 100 

neighbor 3.3.3.3 remote-as 200 

neighbor 4.4.4.4 remote-as 400 

aggregate-address 160.0.0.0 255.0.0.0 summary-only 


!--- Network is summarized and only 160.0.0.0/8 is advertised 
! 


end 
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Current configuration: 


hostRouterDe RTD 
! 
interface Serial0O 


ip address 4.4.4.4 255.0.0.0 
! 


router bgp 400 


neighbor 4.4.4.1 remote-as 300 
! 


end 


Router C (AS—300) is aggregating the routes 160.20.0.0/16 and 160.10.0.0/16 coming from AS—100 and 
AS—200 respectively. This is due to the summary-only argument configured on Router C. Only the 
aggregate 160.0.0.0/8 (the classless interdomain routing (CIDR) route) is announced to Router D. The more 
specific 160.10.0.0/16 and 160.20.0.0/16 routes are suppressed as shown in the BGP table on Router C 
below. 


RouterC#show ip bgp 
BGP table version is 6, local router ID is 4.4.4.1 


Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 
Network Next Hop Metric LocPrf Weight Path 
*> 160.0.0.0/8 0.0.0.0 32768 i 
s> 160.10.0.0 335.3%3:-3 0) 0 200 i 
s> 160.20.0.0 QE 222 0) 0 100 i 


Now let's look at the BGP table of Router D to observe the path information of the aggregate route: 


RouterD#show ip bgp 
BGP table version is 6, local router ID is 4.4.4.4 


Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 

Network Next Hop Metric LocPrf Weight Path 
*> 160.0.0.0/8 4.4.4.1 0 300 i 


The aggregate route 160.0.0.0/8 is considered as being originated from AS—300 with Origin Code IGP, and 
has lost all the specific as_path information of the individual prefixes 160.10.0.0/16 (of AS—200) and 
160.20.0.0/16 (of AS—100). 


Aggregating with the as—set Argument 


Now let's configure the as—set argument in the aggregate—address command on Router C. The new 
configuration is shown below. 


Current configuration: 


hostname RouterC 
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interface Serial0 

ip address 2.2.2.1 255.0.0.0 
! 

interface Seriall 

ip address 3.3.3.1 255.0.0.0 
! 

interface Serial2 


ip address 4.4.4.1 255.0.0.0 
! 


router bgp 300 

neighbor 2.2.2.2 remote-as 100 
neighbor 3.3.3.3 remote-as 200 
neighbor 4.4.4.4 remote-as 400 


aggregate-address 160.0.0.0 255.0.0.0 summary-only as-set 
! 


end 


Now let's see how this influences the show ip bgp output on Router D. 


RouterD#show ip bgp 
BGP table version is 2, local router ID is 4.4.4.4 


Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 

Network Next Hop Metric LocPrf Weight Path 
*> 160.0.0.0/8 4.4.4.1 0 300 {200,100} i 


Using the as—set argument, the path information in the BGP table for the aggregate route changes to include 
a set from 300 {200,100}. This indicates that the aggregate actually summarizes routes that have passed 
through AS—200 and AS—100. The as—set information becomes important in avoiding routing loops because 
it records where the route has been. 


In any closed network this aggregate information propagates through BGP back to one of the AS's listed in 
as-—set, thus creating the possibility of a loop. The loop detection behavior of BGP notes its own AS number 
in the asset of the aggregate update and drops the aggregate, thus preventing a loop. 


Note: The as—set argument contains information about each individual route that is summarized and changes 
in the individual route cause the aggregate to be updated. In our example, if 160.10.0.0/16 goes down, the 
path information of the aggregate changes from 300 {200,100} to 300 {200} and the aggregate is updated. If 
the aggregate summarizes tens or hundreds of routes, it could be constantly flapping if the routes forming the 
aggregate have problems. 


Changing the Attributes of the Aggregate Route 


In the above configuration we showed how to use as-set to save the as_path attributes with a specific route. 
In some cases, you may need to change the attributes (such as metric, community, and origin) of the 
aggregate route. 


To understand how you can use the attribute-map argument to manipulate the 

aggregate—address attributes, let's take a case where one or more of the specific aggregated routes is 
configured with the no-export community attribute. Router A sets the community attribute no—export to 
network 160.20.0.0/16 and announces it to Router C as shown in the configuration below. Router C inherits 
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the community attribute no-export while aggregating 160.0.0.8, and therefore 160.0.0.0/8 does not get 
advertised to Router D. The configuration of Routers B, C, and D are unchanged. Below is the new 
configuration for Router A. 


Current configuration: 


hostname RouterA 


! 
interface Seriall 


ip address 2.2.2.2 255.0.0.0 
! 


router bgp 100 

network 160.20.0.0 

!-— Network 160.20.0.0/16 is advertised by Router A 
neighbor 2.2.2.1 remote-as 300 


neighbor 2.2.2.1 send-community 
neighbor 2.2.2.1 route-map SET_NO_EXPORT out 


access-list 1 permit 160.20.0.0 0.0.255.255 
route-map SET_NO_EXPORT permit 10 

match ip address 1 

set community no-export 

!-- Community attribute no-export is set 


at Router A for route 160.20.0.0/16 
! 


end 


Now let's look at the BGP table of Router C for 160.0.0.0/8. 


RouterC#show ip bgp 160.0.0.0 
BGP routing table entry for 160.0.0.0/8, version 9 
Paths: (1 available, best #1, not advertised to EBGP peer) 
Not advertised to any peer 
{200,100}, (aggregated by 300 4.4.4.1) 
0.0.0.0 from 0.0.0.0 (4.4.4.1) 
Origin IGP, localpref 100, weight 32768, valid, aggregated, local, atomic-— 
aggregate, best, ref 2 
Community: no-export 


The community no-export stops Router C from announcing the aggregate route to its eBGP peer Router D. 
Router D shows that it has not learned 160.0.0.0 from Router C: 


RouterD#show ip bgp 160.0.0.0 
% Network not in table 


By configuring the attribute—map argument at Router C, we manipulate the community attribute of the 
aggregate route from no—export to none, and thus allow the aggregate to be advertised to Router D. 


Current configuration: 
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hostname RouterC 

! 

interface Serial0 

ip address 2.2.2.1 255.0.0.0 
! 
interface Seriall 

ip address 3.3.3.1 255.0.0.0 
! 
interface Serial2 


ip address 4.4.4.1 255.0.0.0 
! 


router bgp 300 


neighbor 2.2.2.2 remote-as 100 

neighbor 3.3.3.3 remote-as 200 

neighbor 4.4.4.4 remote-as 400 
aggregate-address 160.0.0.0 255.0.0.0 as-set summary-only attribute-map Map 
!-- Using the attribute-map argument allows us 
to change the community of the aggregate 

' 
route-map Map permit 10 

set community none 

!--— Community of aggregate is set to "none" 
end 


Now let's look at the BGP table of Router C for 160.0.0.0/8. Since there is no community set for the 
aggregate route, Router C advertises 16.0.0.0/8 to Router D. 


RouterC#show ip bgp 160.0.0.0 
BGP routing table entry for 160.0.0.0/8, version 6 
Paths: (1 available, best #1) 

Advertised to non peer-group peers: 

26242652 363.323 4.4.4.4 

{200,100}, (aggregated by 300 4.4.4.1) 

0.0.0.0 from 0.0.0.0 (4.4.4.1) 
Origin IGP, localpref 100, weight 32768, valid, aggregated, local, atomic-— 

aggregate, best, ref 2 


The show ip bgp 160.0.0.0 output at Router D shows it has learned the aggregate route 160.0.0.0/8 from 
Router C. 


RouterD#show ip bgp 160.0.0.0 
BGP routing table entry for 160.0.0.0/8, version 10 
Paths: (1 available, best #1, table Default—IP-Routing-Table) 
Not advertised to any peer 
300 {200,100}, (aggregated by 300 4.4.4.1) 
4.4.4.1 from 4.4.4.1 (4.4.4.1) 
Origin IGP, localpref 100, valid, external, best 


Using advertise—map to Aggregate a Subset of Specific 
Routes 


Having control over the individual prefixes that form the aggregate route is useful in deciding which 
attributes the aggregate is going to carry. In the previous example, if we exclude prefix 160.20.0.0 from the 
aggregate route, the aggregate 160.0.0.0/8 will not inherit the community attribute no—export. We achieve 
this by configuring the advertise—map argument at Router C. 
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Current configuration: 


hostname RouterC 

! 
interface Serial0 

ip address 2.2.2.1 255.0.0.0 

! 
interface Seriall 

ip address 3.3.3.1 255.0.0.0 

! 
interface Serial2 

ip address 4.4.4.1 255.0.0.0 

! 
router bgp 300 

neighbor 2.2.2.2 remote-as 100 

neighbor 3.3.3.3 remote-as 200 

neighbor 4.4.4.4 remote-as 400 
aggregate-address 160.0.0.0 255.0.0.0 as-set summary-only advertise-map SELECT_SP_ROUTE 
!-- Exclude a particular prefix by using "advertise-map" 
! 
access-list 1 permit 160.10.0.0 0.0.255.255 
! 
route-map SELECT_SP_ROUTE permit 10 


match ip address 1 
! 


end 


Now let's look at the BGP table of Router C for 160.0.0.0/8. 


RouterC#show ip bgp 160.0.0.0 
BGP routing table entry for 160.0.0.0/8, version 15 
Paths: (1 available, best #1) 

Advertised to non peer-group peers: 

2.2.2.2 4.4.4.4 

200, (aggregated by 300 2.2.2.1) 

0.0.0.0 from 0.0.0.0 (2.2.2.1) 
Origin IGP, localpref 100, weight 32768, valid, aggregated, local, atomic-— 

aggregate, best, ref 2 


Only AS—200 is part of the as_path information of the aggregate, not AS—100. Also the community 
no-export is not inherited from 160.20.0.0/16. Therefore the aggregate route is announced to Router D as 
shown in the show ip bgp 160.0.0.0 output. 


RouterD#show ip bgp 160.0.0.0 
BGP routing table entry for 160.0.0.0/8, version 7 
Paths: (1 available, best #1, table Default—IP-Routing-Table) 

Not advertised to any peer 

300 200, (aggregated by 300 4.4.4.1) 

4.4.4.1 from 4.4.4.1 (4.4.4.1) 
Origin IGP, localpref 100, valid, external, atomic-aggregate, best 

ip bgp 160.0.0.0 


It is also worth noting that since the aggregate as—set has AS—200 only, Router A (in AS—100) accepts the 


aggregate route and installs it in its routing table. This is due to the BGP loop detection mechanism, which 
does not detect its own AS in as-set. 
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RouterA#show ip bgp 
BGP table version is 3, local router ID is 160.20.0.1 


Status codes: s suppressed, d damped, h history, * valid, > best, i - internal 
Origin codes: i - IGP, e - EGP, ? - incomplete 
Network Next Hop Metric LocPrf Weight Path 
*> 160.0.0.0/8 2.2.2.1 0 300 200 i 
*> 160.20.0.0 0.0.0.0 0 32768 i 
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